Senior Consultant (Keycloak)
Location: Tampa
Sector:
Job type:
Salary: Negotiable
Contact: Hannah Pegues
Contact email: h.pegues@ioassociates.com
Job ref: BBBH151496_1732660966
Start date: ASAP
Position Overview:
Our client is seeking a highly skilled and experienced IAM Consultant to lead the setup and configuration of Keycloak for their growing platform. The ideal candidate will have deep knowledge of identity and access management, hands-on experience with Keycloak, and proven expertise in integrating Keycloak with FastAPI to secure APIs and user data.
As part of the role, you will work closely with their development team to implement security best practices, manage user roles and permissions, and enforce robust security policies across the healthcare application.
Key Responsibilities:
Keycloak Setup and Configuration:
- Deploy and configure Keycloak as the central Identity and Access Management (IAM) solution.
- Define and manage Keycloak realms, clients, and roles to meet the application's security needs.
- Configure Keycloak for authentication via username and password (instead of email).
FastAPI Integration:
- Integrate FastAPI with Keycloak for authentication and authorization processes.
- Implement OAuth2/OpenID Connect flows to secure API endpoints with Keycloak security tokens.
- Set up user session management and token validation within the FastAPI framework.
User Management:
- Enable user management features, including creating, blocking, and deleting users from within the FastAPI application, syncing with Keycloak.
- Implement role-based access control (RBAC) APIs for managing user roles and permissions.
Route Access Control:
- Use Keycloak tokens to enforce access control at the route level based on user roles and permissions.
- Develop decorators or middleware to ensure security policies are upheld for protected routes.
Multi-Factor Authentication (MFA):
- Configure and implement MFA within Keycloak (OTP/TOTP) to secure user login.
- Ensure that MFA is correctly integrated with the authentication flows in FastAPI.
Security Policies:
- Ensure that sensitive operations (e.g., user management, role updates) are secured with appropriate permissions and roles.
- Regularly refresh and validate tokens to maintain the security of user sessions.
Required Skills and Experience:
- Keycloak Expertise: 4+ years of hands-on experience setting up and configuring Keycloak for IAM.
- Python & FastAPI: 2+ years of experience coding in Python (v3.10+) and working with FastAPI and SQLAlchemy (Postgres).
- Authentication & Authorization: Deep understanding of OAuth2/OpenID Connect flows, session management, and RBAC.
- Security Knowledge: Familiarity with security best practices, including multi-factor authentication (MFA), token validation, and securing sensitive operations.
- Problem-Solving: Strong troubleshooting and problem-solving skills in IAM-related issues.
- Team Collaboration: Ability to collaborate effectively with cross-functional teams to implement security solutions.
Preferred Skills:
- Experience with healthcare platforms or knowledge of healthcare data security standards (e.g., HIPAA).
- Familiarity with DevOps tools and deployment pipelines.
Why Join Our Client:
- Impact: Play a key role in enhancing healthcare access and security for users.
- Growth Opportunity: Work in a fast-paced startup environment with the opportunity to shape the future of healthcare tech.
- Collaborative Culture: Be part of a passionate and talented team committed to innovation.