We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Identity and Access Management (IAM) Engineer - ForgeRock (L3) at TO.SCALE. At . To.Scale. , we help forward-thinking tech teams grow with the right people, fast. We’re currently hiring on behalf of a global enterprise client for a ForgeRock-focused IAM engineering role. If you thrive at the intersection of security, stability and systems engineering, read on.. This isn’t a junior support gig or a role where you just reset passwords. You’ll be the go-to person for everything ForgeRock: designing, maintaining, troubleshooting and evolving identity systems that need to stay secure, stable and scalable.. You’ll handle incidents when they happen (L3-level), but also work on the bigger picture: improving architecture, driving integrations and supporting long-term IAM strategy. . It’s a hands-on, high-impact role where security meets engineering, and no two days look the same.. What you will effectively be doing:. . Own and maintain all core components of the . ForgeRock Identity Platform. : AM, IDM, DS, and IG . . Lead and support integrations with external . identity providers. , internal apps, and developer tools . . Troubleshoot and resolve identity-related incidents (L3), digging into logs and root causes, not just symptoms . . Perform daily health checks and maintain platform stability through proactive monitoring . . Participate in architecture and roadmap discussions, contributing to long-term IAM evolution . . Coordinate changes across teams, and ensure smooth transitions between dev, staging, and production . . Build or tweak scripts (shell/Python/etc.) to automate routine tasks and improve resilience . . Generate and maintain system documentation, operational runbooks, and performance reports . . Work closely with infrastructure, cloud, and security teams to keep access secure and smooth . . Be flexible with shift work if required - sadly, the platform never sleeps. . At To.Scale, we look at real, actionable talent. So instead of obsessing over how many years you have been doing it, we'll share the real world translation of "years of experience".. You’ve been doing . IAM. work long enough to:. - Know what can go wrong and how to fix it . - Know what needs to be designed and how to do it securely . - Be the person others rely on when SSO breaks, tokens time out or user onboarding fails. More specifically, here’s what we’re really looking for:. . Hands-on experience with the . ForgeRock suite. (AM, IDM, DS, IG) — or transferable skills from . Ping, Okta, IBM Security Verify, or similar platforms. . . Strong command of . IAM protocols. like . SAML, OAuth2, OIDC. . . Comfort working with . LDAP. , writing or debugging . access policies. , and analyzing logs for root causes . . Scripting skills (shell, Python, etc.) to handle config changes or automate repeat ops tasks . . Solid understanding of . IAM architecture. and secure integration best practices . . Familiarity with tools like . ServiceNow. , . Jira. , . Splunk. , or other monitoring and ticketing platforms . . Experience in high-availability environments where access issues = business stoppage . . A practical mindset: you document what matters, you explain things clearly, and you keep security and stability top of mind . . . Bonus points if you’ve led IAM projects or helped define access roadmaps. However, even if you’ve just . been in the trenches. , we want to hear from you!. . Company Location: Portugal.