The largest ICT employer in Hungary, Deutsche Telekom IT Solutions (formerly IT-Services Hungary, ITSH) is a subsidiary of the Deutsche Telekom Group. Established in 2006, the company provides a wide portfolio of IT and telecommunications services with more than 5000 employees. ITSH was awarded with the Best in Educational Cooperation prize by HIPA in 2019, acknowledged as one of the most attractive workplaces by PwC Hungary’s independent survey in 2021 and rewarded with the title of the Most Ethical Multinational Company in 2019. The company continuously develops its four sites in Budapest, Debrecen, Pécs and Szeged and is looking for skilled IT professionals to join its team.

Join our International Team and help us to create greenfield software for one of the biggest and most important project in Deutsche Telekom Group.  Being part of our team, you will have an impact on our 30 million Customers, who will use our product to request Fiber network to their homes and to track our progress of installation.  

Our product is a set of applications and websites to support end-to-end processes covering areas: Fiber pre-ordering, ordering, installation, service management & customer support.

Your role as IAM DevOps Engineer

Your role will be to develop and operate Keycloak/RHSSO-based IAM capabilities on Kubernetes, enabling secure SSO and machine-to-machine access for internal products.

You will support team development by standardizing deployment, configuration, and troubleshooting practices, continuously improving reliability, security, and automation around the IAM platform.

Your profile

• At least 3 years of work experience as DevOps / Platform Engineer (or SRE) with hands-on Kubernetes operations in production environments.
• Solid understanding of OAuth 2.0 and OpenID Connect concepts for modern IAM integrations and SSO flows.​
• Practical experience with GitOps delivery using Argo CD (Git-driven continuous delivery for Kubernetes).​
• Experience working with containers (Docker) and CI/CD pipelines (e.g. GitLab) from commit to production.
• Comfortable scripting in Python and Bash for automation and troubleshooting tasks.

IAM, Keycloak & troubleshooting

• IAM fundamentals: authentication vs authorization, identity lifecycle and provisioning flows, role/permission model design, user types, and machine-to-machine concepts.
• Keycloak/RHSSO: hands-on experience with realms, clients, roles, scopes, identity providers, and themes, including troubleshooting authentication and authorization flows end-to-end.
• Configuration-as-code mindset for Keycloak: managing realms/clients/roles via versioned configuration and promoting changes across environments.
• Operability: diagnose and resolve platform issues (CPU/memory pressure, pod health, configuration errors), contribute to incident response, and support upgrades and migrations.

Cloud, DevOps & Containerization

• Kubernetes & networking: experience with deployments, services, ingress, environment-specific configuration, and secure handling of secrets/config maps.
• Packaging & delivery: Helm charts and Argo CD application management, including using Helm-based deployments through Argo CD for GitOps workflows.
• Experience in CI/CD using GitLab, including building, testing, and deploying containerized workloads.
• Infrastructure as Code (IaC) approach for managing environments and application infrastructure.
• Observability: experience with Grafana/Prometheus, ELK stack, and basic Dynatrace usage for monitoring, alerting, and troubleshooting.

Database & Persisitence Layer

• Experience with PostgreSQL in operational contexts (backups and restore, basic performance indicators, connection troubleshooting).
• General understanding of how Keycloak and IAM components rely on Postgres and what typical failure modes look like.

Security & Performance

• Experience with OAuth 2.0, OpenID Connect, and JWT-based authentication for Keycloak integrations.​
• Understanding of TLS/certificates and secure exposure of IAM endpoints.
• Experience using monitoring and load-testing tools (e.g. Prometheus/Grafana, JMeter) to observe performance, capacity, and stability of IAM services.

Would be nice to have

• Hands-on experience running Keycloak using an operator-based approach on Kubernetes/OpenShift.
• Deeper Postgres operational know-how (performance tuning, HA setups, maintenance strategies).
• Experience in cloud technologies (AWS, Azure, or Google Cloud).
• Experience in Go, Java and/or Quarkus for maintaining operators, provisioning logic, or SPI-based extensions.
• Experience of working in international projects.
• Degree in Computer Science, Mathematics or Engineering.

Technology stack:
 

• Keycloak / RHSSO / RHBK, OAuth2, OpenID Connect, JWT.​
• Kubernetes, Docker, Ingress, Helm, Argo CD.​
• Git, CI/CD (GitLab), GitOps.​
• Python, Bash (plus Go/Java as a plus for automation and extensions).
• Grafana, Prometheus, ELK, Dynatrace.
• PostgreSQL.
• AWS and other cloud platforms (as a plus).

* Please be informed that our remote working possibility is only available within Hungary due to European taxation regulation.