Planning, building and operating on-premises platforms with a focus on directory services, federated authentication, Public Key Infrastructure (PKI) and Identity & Access Management (IAM)
Configuring, optimising and integrating these services into the overall ICT landscape – including network access control (NAC), multi‑factor authentication (MFA) and business‑critical applications
Contributing technically to the overarching ICT architecture as a specialist for authentication services and their interfaces to adjacent systems
Taking overall platform responsibility for all authentication services within the entire ICT infrastructure
Further developing and standardising the authentication services with respect to high availability, data security and integrity – with a clear focus on automation
Operating the authentication platforms actively and providing hands‑on support to the team in day‑to‑day ICT infrastructure operations
Working closely and interdisciplinarily with subject matter experts in network, virtualization and server infrastructure
Performing in‑depth fault analyses, performance diagnostics and capacity planning for the systems under management
Creating and maintaining system documentation and ensuring compliance with internal policies and regulatory requirements

Completed education in computer science or a comparable technical qualification with solid, several years of practical experience in Identity & Access Management
Proven experience in planning, implementing and operating Active Directory, IAM solutions and PKI infrastructures
Solid foundational knowledge of IT infrastructure topics such as compute, storage, server and client virtualization, and application operations
Strong security awareness in the design and operation of IT platforms in regulated and high‑availability environments
Experience with standardization and automation as a basis for cost‑efficient and reliable platform operation
Intrinsic motivation to deepen and develop professionally in a specialised, security‑critical environment over the long term
Independent, structured and analytical way of working with a high degree of personal responsibility
Strong written and verbal communication skills – both within the team and when liaising with business units
Very good German language skills (spoken and written) and good English skills
Willingness to participate in paid maintenance and on‑call duty (4–5 weeks spread across the year – each as 1 full week) as well as a clean criminal record (no convictions) and a category B driving licence are required

Flexible working hours with the option to work up to 50% remotely
Above‑average social benefits: generous pension fund contributions, 100% continued salary payment in case of illness or accident, and access to mental health services
Attractive family benefits, including generous parental leave arrangements and a subsidy for childcare costs
A collegial, diverse team with an open communication culture that tackles demanding technical challenges together

IAM System Engineer

Key skills