75% remote: IAM Engineer (f/m/d) focus Secrets Management / Vault

For our client we are looking for an IAM Engineer (f/m/d) focus Secrets Management / VaultStart: 20.10.2025Duration: 3 months, + wish for a long-term prolongationCapacity: 80-100%Location: 75% Remote, 25% Berlin (1 week Berlin / 3 weeks remote in rotation), up to 50% onsite in peak timesLanguage: English is a must, German is a plusBudget: 80,00 EUR netRole:The IAM Service is responsible for the conception and designing of identity and access management (IAM) services for the platform. The primary goals are providing a scalable, secure, and federated access to applications, ensuring seamless integration across the hybrid cloud environment.Objectives:- Deploy and configure Vault services in enterprise environments- Implement secure lifecycle handling of secrets- Automate Vault provisioning and management- Ensure stable operations and technical alignment- Knowledge transfer and continuous improvementSkills (must-have):- Experience with Vault Enterprise administration, configuring Vault namespaces, ACLs, identity groups, DR, auto-unseal:o Secrets management integrations (VSO/ESO, CI/CD)o OIDC and RBAC/ABAC patternso HA/DR and secure operational runbooks.- Experience with the integrate of Keycloak OIDC/JWT and Terraform policy-as-code- Experienced with onboarding workflows (agents, sidecars, templates) and managing secret rotation engines and expiry alerts.- Experience with implementation of mTLS, IP allow-lists, JIT access, SIEM integration along with delivering tamperevident audit logging- Experience with the broader Vault architecture and its best-practices- Experience with Hardware Security Module (HSM) which needs to be integrated with infrastructure level with a basic knowledge of Public key infrastructure (PKI)- Experience with short-lived certs via Vault PKI (not ceremonies)Skills (should-have):- Experience with cloud services and their configuration- Knowledge about IAM solutions based on OpenID Connect (OIDC), such as Keycloak, for auth backends- Working with Scrum and general experience in agile frameworks- Experience with cloud services and their configuration- Fluent in German