Identity- und Access Management Architekt
Aktualisiert am 13.09.2024
Profil
Freiberufler / Selbstständiger
Remote-Arbeit
Verfügbar ab: 01.10.2024
Verfügbar zu: 60%
davon vor Ort: 25%
Identity- and Access Management
Solution Architecture & Design
Strategic advice and concepts
Analysefähigkeit
Teamleading
IAM
Identity Management
Access Management
Single-Sign-On
Enterprise Architektur
IT-Security
Cyber Security
Identity Federation
Identity & Access Governance
Sailpoint
Keycloak
DevOps
SAFe
Ping Identity
Quest One Identity
Deutsch
Muttersprache
Englisch
Verhandlungssicher

Einsatzorte

Einsatzorte

Deutschland
möglich

Projekte

Projekte

3 Monate
2024-06 - 2024-08

IAM Assessment and Roadmap Review

Lead Advisor IAM IAM Referenz Architektur IAM Assessment ...
Lead Advisor
On behalf of a KuppingerCole Analysts AG, I carried out an IAM assessment of the central IAM systems, technologies and processes for a large German logistics provider. The maturity level of the IAM capabilities was assessed based on a reference architecture. Measures and projects were then derived from this and a gap analysis was carried out against the existing IAM roadmap. The plan is to expand this analysis to all business areas of the company and evaluate it in terms of best practice, efficiency and usability.

Strategieberatung
IAM IAM Referenz Architektur IAM Assessment Strategieberatung Strategieplanung
Remote
2 Jahre 9 Monate
2021-04 - 2023-12

Gigabit Business Unit (Fiber Network Rollout)

IAM Architect Agile Development Microservices API Security ...
IAM Architect

  • Established an agile development team for IAM (Role: Product Owner)
  • Operation and redesign of an Access Management solution based on RedHat SSO (Keycloak) for a Microservices based Software System
  • Extension of the existing Access Management Layer to support Zero Trust and role-based permissions
  • Stabilization of operations by automating the deployment and redesigning the deployment architecture
  • Enterprise Architecture for Identity- and Access Management
Kong OpenShift Kubernetes Docker PostgreSQL Keycloak RHSSO HELMFILE Atlassian JIRA GitLab
Agile Development Microservices API Security OAuth 2.0 OpenID OpenAPI Swagger Product Owner SAFe
Telekom
Remote
2 Jahre 3 Monate
2019-01 - 2021-03

Enterprise Architecture and System Architect for One Identity Implementation

IAM Architect SAFe Enterprise Architect Solution Design ...
IAM Architect
  • Enterprise Architecture for Identity- and Access Management
  • Product selection for an IdM Product incl. PoC
  • Architecture and Solution Design for the new internal IAM System based on Quest One Identity
  • Helped to build up a whole new organization to develop and operate the new IAM Solution based on SAFe4
  • System Architect Internal IAM Hub
Sailpoint Quest One Identity SAP SuccessFactors SAP Employee Central LDAP Atlassian JIRA
SAFe Enterprise Architect Solution Design Strategieberatung
Telekom
Remote
13 Jahre 11 Monate
2005-02 - 2018-12

Various Consulting Engagements

IAM Architect and Lead Consultant Strategieberatung IAM Implementierung Java ...
IAM Architect and Lead Consultant

Before I worked for Telekom I have worked for Hewlett Packard as IAM Architect, Consultant and Lead Consultant:

  • Partner management, Go to-Market Strategy, Business planning
  • Strategic advice and IAM concepts for various DAX companies in Finance- and Banking, Automotive, Energy and Steel industry.
  • Implementation Projects based on Ping Federate, Sailpoint IIQ and SAP IdM for large Energy Providers, a Truck Manufacturer and an international (steel) industrial and technology company
  • Integrations with SAP, Azure AD (EntraID), LDAP, Databases and others using various protocols
  • Development of custom adapter for Sailpoint IIQ
  • Role mining, permission and role models
  • Developed methods to implement IdM Solutions based on agile methods instead of classic project management
Sailpoint IIQ Ping Federate Ping Identity Azure AD SAP Identity Management LDAP
Strategieberatung IAM Implementierung Java Scrum Identity Management Access Management IAM Berechtigungskonzept Rollenmodelle
Hewlett Packard
Europe

Aus- und Weiterbildung

Aus- und Weiterbildung

1 Monat
2019-05 - 2019-05

Leading SAFe 4

Certified SAFe® 4 Agilist, Scaled Agile Inc
Certified SAFe® 4 Agilist
Scaled Agile Inc
A Certified SAFe® 4 Agilist (SA) is a SAFe enterprise leadership professional who is part of a Lean-Agile transformation. Key areas of competency include the application of Lean-Agile principles, execution and release of value through Agile Release Trains (ARTs), and building an Agile portfolio with Lean-Agile budgeting.
2 Jahre 7 Monate
1998-08 - 2001-02

Fachinformatiker AE

Fachinformatiker IHK, Citibank und Mannesmann Ausbildungsverbund
Fachinformatiker IHK
Citibank und Mannesmann Ausbildungsverbund

Kompetenzen

Kompetenzen

Top-Skills

Identity- and Access Management Solution Architecture & Design Strategic advice and concepts Analysefähigkeit Teamleading IAM Identity Management Access Management Single-Sign-On Enterprise Architektur IT-Security Cyber Security Identity Federation Identity & Access Governance Sailpoint Keycloak DevOps SAFe Ping Identity Quest One Identity

Produkte / Standards / Erfahrungen / Methoden

Cloud
Fortgeschritten
AWS
Fortgeschritten
OIDC
Experte
oAuth
Experte
Product Owner
Experte
API Security
Experte
Kubernetes
Basics

Work Experience:

2021 - 2024 

Role: IAM Architect and Product Owner

Customer: German Telecommunication Provider


Tasks:

Gigabit Business Unit (Fiber Network Rollout)

  • Established an agile development team for IAM
  • Operation and redesign of an Access Management solution based on RedHat SSO (Keycloak) for a Microservices based Software System
  • Extension of the existing Access Management Layer to support Zero Trust and role-based permissions
  • Stabilization of operations by automating the deployment and redesigning the deployment architecture
  • Enterprise Architecture for Identity- and Access Management


Technology:

Agile Development as Product Owner with SAFe, Software stack based on microservices, API Security, API Gateway (Kong), oAuth, OIDC, OpenAPI Specification, Openshift, AWS, Kubernetes, Docker, PostgreSQL, RHSSO (Keycloak), HELM, HELMFILE, JIRA, GitLab, Lens, Swagger


2019 - 2020 

Role: System Architect, IAM Architect

Customer: German Telecommunication Provider


Tasks:

Internal IAM Department

  • Enterprise Architecture for Identity- and Access Management
  • Product selection for an IdM Product incl. PoC
  • Architecture and Solution Design for the new internal IAM System based on Quest One Identity
  • Helped to build up a whole new organization to develop and operate the new IAM Solution based on SAFe4
  • System Architect Internal IAM Hub


Technology:

SAFe4, Quest One Identity, SAP SuccessFactors OData API, SAP Employee Central, LDAP, Jira


Until 2019

Role: IAM Architect, Lead Solution Consultant Identity and Access Management Central Cluster

Customer: Large USA Consulting and Outsourcing Services Provider, Ratingen


Tasks:

  • Partner management, Go to-Market Strategy, Business planning
  • Strategic advice and IAM concepts for various DAX companies in Finance- and Banking, Automotive, Energy and Steel industry.
  • Implementation Projects based on Ping Federate, Sailpoint IIQ and SAP IdM for large Energy Providers, a Truck Manufacturer and an international (steel) industrial and technology company
  • Integrations with SAP, Azure AD (EntraID), LDAP, Databases and others using various protocols
  • Development of custom adapter for Sailpoint IIQ
  • Role mining, permission and role models
  • Developed methods to implement IdM Solutions based on agile methods instead of classic project management


Technology:

Sailpoint IIQ, Sailpoint Custom Connector development, SAP IdM, SAP R3, Azure AD (EntraID), LDAP, Databases, Ping Federate, Ping Access


Professional Profile:

I?m working in the Identity- and Access Management (IAM) industry for almost 15 years now. I was working for Hewlett-Packard (now DXC Technology), where I started as consultant and later worked as Lead Solution Consultant and Architect in the Security department, which I helped to build up. I worked on various implementation and strategic architecture projects for clients in the Banking- and Finance-Industry, Steel Industry, Automotive Industry, Energy Sector and others. The last 5 years I was working as IAM Solution Designer and Architect for a large telecommunication provider in Germany. I provided architecture concepts for the internal IAM System and some special software solution used to manage fibre network rollout. I see my role as an architect in translating business needs into technology and I love to get technical things done. At the same time, I talk to management level and provide strategic advice and concepts, if required. When leading teams or organizations, I prefer a democratic or collaborative leadership style and adapt to the needs of the team or organization.  


Strengths:

  • Identity- and Access Management
  • Solution Architecture & Design
  • Strategic advice and concepts
  • Good implementation, configuration and analysis skills
  • Agile Development and Operations
  • Collaborative Leadership


Skills and Technology:

  • Identity- and Access Management
  • Experience with DAX companies in Energy-, Steel-, Automotiveand Telecommunication Industry
  • Single-Sign-On (SSO)
  • Federated Identity
  • Permission- and Role Modelling
  • Zero Trust
  • Provisioning and Reconciliation
  • Cloud-, Microservices- and APISecurity
  • SailPoint IdentityIQ
  • Ping Federate
  • RHSSO (Keycloak)
  • Quest One Identity
  • SAP Identity Manager
  • oAuth, OIDC, SCIM, OAS
  • Kubernetes, Docker
  • Openshift, AWS, Azure
  • HELM, HELMFILE
  • GitLab, Lens, Swagger, Jira
  • Unix / Linux / Windows
  • LDAP / Databases (SQL)
  • Web Application Technology
  • Multi Factor Authentication
  • Java

Branchen

Branchen

Energieanbieter, Automotive, Stahlindustrie, Fashion Retail, Telekommunikation, Logistik, Banken

Einsatzorte

Einsatzorte

Deutschland
möglich

Projekte

Projekte

3 Monate
2024-06 - 2024-08

IAM Assessment and Roadmap Review

Lead Advisor IAM IAM Referenz Architektur IAM Assessment ...
Lead Advisor
On behalf of a KuppingerCole Analysts AG, I carried out an IAM assessment of the central IAM systems, technologies and processes for a large German logistics provider. The maturity level of the IAM capabilities was assessed based on a reference architecture. Measures and projects were then derived from this and a gap analysis was carried out against the existing IAM roadmap. The plan is to expand this analysis to all business areas of the company and evaluate it in terms of best practice, efficiency and usability.

Strategieberatung
IAM IAM Referenz Architektur IAM Assessment Strategieberatung Strategieplanung
Remote
2 Jahre 9 Monate
2021-04 - 2023-12

Gigabit Business Unit (Fiber Network Rollout)

IAM Architect Agile Development Microservices API Security ...
IAM Architect

  • Established an agile development team for IAM (Role: Product Owner)
  • Operation and redesign of an Access Management solution based on RedHat SSO (Keycloak) for a Microservices based Software System
  • Extension of the existing Access Management Layer to support Zero Trust and role-based permissions
  • Stabilization of operations by automating the deployment and redesigning the deployment architecture
  • Enterprise Architecture for Identity- and Access Management
Kong OpenShift Kubernetes Docker PostgreSQL Keycloak RHSSO HELMFILE Atlassian JIRA GitLab
Agile Development Microservices API Security OAuth 2.0 OpenID OpenAPI Swagger Product Owner SAFe
Telekom
Remote
2 Jahre 3 Monate
2019-01 - 2021-03

Enterprise Architecture and System Architect for One Identity Implementation

IAM Architect SAFe Enterprise Architect Solution Design ...
IAM Architect
  • Enterprise Architecture for Identity- and Access Management
  • Product selection for an IdM Product incl. PoC
  • Architecture and Solution Design for the new internal IAM System based on Quest One Identity
  • Helped to build up a whole new organization to develop and operate the new IAM Solution based on SAFe4
  • System Architect Internal IAM Hub
Sailpoint Quest One Identity SAP SuccessFactors SAP Employee Central LDAP Atlassian JIRA
SAFe Enterprise Architect Solution Design Strategieberatung
Telekom
Remote
13 Jahre 11 Monate
2005-02 - 2018-12

Various Consulting Engagements

IAM Architect and Lead Consultant Strategieberatung IAM Implementierung Java ...
IAM Architect and Lead Consultant

Before I worked for Telekom I have worked for Hewlett Packard as IAM Architect, Consultant and Lead Consultant:

  • Partner management, Go to-Market Strategy, Business planning
  • Strategic advice and IAM concepts for various DAX companies in Finance- and Banking, Automotive, Energy and Steel industry.
  • Implementation Projects based on Ping Federate, Sailpoint IIQ and SAP IdM for large Energy Providers, a Truck Manufacturer and an international (steel) industrial and technology company
  • Integrations with SAP, Azure AD (EntraID), LDAP, Databases and others using various protocols
  • Development of custom adapter for Sailpoint IIQ
  • Role mining, permission and role models
  • Developed methods to implement IdM Solutions based on agile methods instead of classic project management
Sailpoint IIQ Ping Federate Ping Identity Azure AD SAP Identity Management LDAP
Strategieberatung IAM Implementierung Java Scrum Identity Management Access Management IAM Berechtigungskonzept Rollenmodelle
Hewlett Packard
Europe

Aus- und Weiterbildung

Aus- und Weiterbildung

1 Monat
2019-05 - 2019-05

Leading SAFe 4

Certified SAFe® 4 Agilist, Scaled Agile Inc
Certified SAFe® 4 Agilist
Scaled Agile Inc
A Certified SAFe® 4 Agilist (SA) is a SAFe enterprise leadership professional who is part of a Lean-Agile transformation. Key areas of competency include the application of Lean-Agile principles, execution and release of value through Agile Release Trains (ARTs), and building an Agile portfolio with Lean-Agile budgeting.
2 Jahre 7 Monate
1998-08 - 2001-02

Fachinformatiker AE

Fachinformatiker IHK, Citibank und Mannesmann Ausbildungsverbund
Fachinformatiker IHK
Citibank und Mannesmann Ausbildungsverbund

Kompetenzen

Kompetenzen

Top-Skills

Identity- and Access Management Solution Architecture & Design Strategic advice and concepts Analysefähigkeit Teamleading IAM Identity Management Access Management Single-Sign-On Enterprise Architektur IT-Security Cyber Security Identity Federation Identity & Access Governance Sailpoint Keycloak DevOps SAFe Ping Identity Quest One Identity

Produkte / Standards / Erfahrungen / Methoden

Cloud
Fortgeschritten
AWS
Fortgeschritten
OIDC
Experte
oAuth
Experte
Product Owner
Experte
API Security
Experte
Kubernetes
Basics

Work Experience:

2021 - 2024 

Role: IAM Architect and Product Owner

Customer: German Telecommunication Provider


Tasks:

Gigabit Business Unit (Fiber Network Rollout)

  • Established an agile development team for IAM
  • Operation and redesign of an Access Management solution based on RedHat SSO (Keycloak) for a Microservices based Software System
  • Extension of the existing Access Management Layer to support Zero Trust and role-based permissions
  • Stabilization of operations by automating the deployment and redesigning the deployment architecture
  • Enterprise Architecture for Identity- and Access Management


Technology:

Agile Development as Product Owner with SAFe, Software stack based on microservices, API Security, API Gateway (Kong), oAuth, OIDC, OpenAPI Specification, Openshift, AWS, Kubernetes, Docker, PostgreSQL, RHSSO (Keycloak), HELM, HELMFILE, JIRA, GitLab, Lens, Swagger


2019 - 2020 

Role: System Architect, IAM Architect

Customer: German Telecommunication Provider


Tasks:

Internal IAM Department

  • Enterprise Architecture for Identity- and Access Management
  • Product selection for an IdM Product incl. PoC
  • Architecture and Solution Design for the new internal IAM System based on Quest One Identity
  • Helped to build up a whole new organization to develop and operate the new IAM Solution based on SAFe4
  • System Architect Internal IAM Hub


Technology:

SAFe4, Quest One Identity, SAP SuccessFactors OData API, SAP Employee Central, LDAP, Jira


Until 2019

Role: IAM Architect, Lead Solution Consultant Identity and Access Management Central Cluster

Customer: Large USA Consulting and Outsourcing Services Provider, Ratingen


Tasks:

  • Partner management, Go to-Market Strategy, Business planning
  • Strategic advice and IAM concepts for various DAX companies in Finance- and Banking, Automotive, Energy and Steel industry.
  • Implementation Projects based on Ping Federate, Sailpoint IIQ and SAP IdM for large Energy Providers, a Truck Manufacturer and an international (steel) industrial and technology company
  • Integrations with SAP, Azure AD (EntraID), LDAP, Databases and others using various protocols
  • Development of custom adapter for Sailpoint IIQ
  • Role mining, permission and role models
  • Developed methods to implement IdM Solutions based on agile methods instead of classic project management


Technology:

Sailpoint IIQ, Sailpoint Custom Connector development, SAP IdM, SAP R3, Azure AD (EntraID), LDAP, Databases, Ping Federate, Ping Access


Professional Profile:

I?m working in the Identity- and Access Management (IAM) industry for almost 15 years now. I was working for Hewlett-Packard (now DXC Technology), where I started as consultant and later worked as Lead Solution Consultant and Architect in the Security department, which I helped to build up. I worked on various implementation and strategic architecture projects for clients in the Banking- and Finance-Industry, Steel Industry, Automotive Industry, Energy Sector and others. The last 5 years I was working as IAM Solution Designer and Architect for a large telecommunication provider in Germany. I provided architecture concepts for the internal IAM System and some special software solution used to manage fibre network rollout. I see my role as an architect in translating business needs into technology and I love to get technical things done. At the same time, I talk to management level and provide strategic advice and concepts, if required. When leading teams or organizations, I prefer a democratic or collaborative leadership style and adapt to the needs of the team or organization.  


Strengths:

  • Identity- and Access Management
  • Solution Architecture & Design
  • Strategic advice and concepts
  • Good implementation, configuration and analysis skills
  • Agile Development and Operations
  • Collaborative Leadership


Skills and Technology:

  • Identity- and Access Management
  • Experience with DAX companies in Energy-, Steel-, Automotiveand Telecommunication Industry
  • Single-Sign-On (SSO)
  • Federated Identity
  • Permission- and Role Modelling
  • Zero Trust
  • Provisioning and Reconciliation
  • Cloud-, Microservices- and APISecurity
  • SailPoint IdentityIQ
  • Ping Federate
  • RHSSO (Keycloak)
  • Quest One Identity
  • SAP Identity Manager
  • oAuth, OIDC, SCIM, OAS
  • Kubernetes, Docker
  • Openshift, AWS, Azure
  • HELM, HELMFILE
  • GitLab, Lens, Swagger, Jira
  • Unix / Linux / Windows
  • LDAP / Databases (SQL)
  • Web Application Technology
  • Multi Factor Authentication
  • Java

Branchen

Branchen

Energieanbieter, Automotive, Stahlindustrie, Fashion Retail, Telekommunikation, Logistik, Banken

Vertrauen Sie auf Randstad

Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.