Expert IAM (Keystone) - SRE Cloud Public
Explicitly mentions vibe coding and generative AI to automate security controls and speed up development; expects AI-assisted workflows.
About the Role
Senior SRE specialized in OpenStack Keystone IAM responsible for securing, operating and evolving identity services at scale. The role focuses on high availability, advanced RBAC, compliance-as-code and using AI/automation to improve identity lifecycle, auditing and incident response.
Job Description
Role
Expert IAM (Keystone) - SRE Cloud Public responsible for the availability, security and evolution of OpenStack-based identity services. You will ensure robust authentication/authorization for thousands of users, implement advanced RBAC models, translate compliance requirements into policies-as-code and leverage AI/automation to improve operations and audits.
Key Responsibilities
- Operate and evolve Keystone deployments to guarantee high availability and state-of-the-art security across the public cloud infrastructure.
- Design and implement advanced RBAC (fine-grained permissions, multi-region scopes) to meet complex business needs.
- Convert ISO 27001 and HDS requirements into policies-as-code and automate compliance checks.
- Build and maintain secure CI/CD pipelines and promote high code quality with rapid feedback loops.
- Experiment with AI tools to model identity flows, simulate access policies, detect anomalies and accelerate troubleshooting.
- Collaborate with engineering, security teams and the OpenStack community on identity federation (OIDC, SAML) and best practices.
Requirements
- Strong experience with identity protocols and systems: Keystone, OIDC, SAML, LDAP.
- Deep understanding of Keystone architecture and identity management at scale (multi-domain, multi-project).
- Expert programming skills in Python (or Go) and experience using AI to assist development and code review.
- Experience with high-availability architectures (e.g., HAProxy), incident troubleshooting and observability driven by metrics.
- Knowledge of compliance standards (ISO 27001, HDS) and ability to implement regulatory requirements technically.
- SRE/DevOps mindset: automation, CI/CD, testing, and secure deployment practices.
Nice to have
- Active or interested contributor to the OpenStack Keystone community.
- Experience using AI for threat detection, log analysis or automating security controls.
- Familiarity with Zero Trust access architectures.
Impact timeline
- 6 months: Understand Keystone ecosystem, integrate with engineering and security peers, deliver initial deployment and authentication improvements.
- 1 year: Become the internal IAM reference, deliver major identity roadmap features from design to production and automate low-value security controls using generative AI and vibe coding.
Benefits
- Hybrid telework policy
- Employee share ownership plan (plan d’actionnariat salarié)
- Seniority recognition program
- Vacation and sports subsidies
- Company nursery/crèche depending on site
- Multicultural teams and well-equipped offices
- Online training and certification platform
- Digital medical and social support for employees and families