CIAM Security Engineer | Switzerland

Job Location – Zurich, Switzerland

Experience: 4+ years

Pay Rate – TBN

Start Date - ASAP

Contract - 6 months to 1 year (can be renewable)

Role Overview

We are looking for a highly skilled CIAM Security Engineer with strong expertise in Nevis Security Suite, modern authentication protocols, and web application security. The ideal candidate will support the design, deployment, and continuous improvement of SIX’s mission-critical customer identity and access management landscape.

Core Technical Competencies

1. Nevis Security Suite (Mandatory)

Hands-on experience with:

• nevisProxy, nevisAuth, nevisAdmin, NevisMeta, NevisIDM ,NevisDataporter
• Understanding of Nevis architecture, cluster setups, integration patterns, and troubleshooting
• Ability to design, configure, and optimize authentication, authorization, and federation flows

2. Web Application Firewall (WAF)

• Experience with:
• ModSecurity
• OWASP Core Rule Set (CRS)
• WAF policy tuning, anomaly scoring, false-positive mitigation
• Integration with reverse proxies and CIAM components

3. Identity & Access Management

• Identity lifecycle and governance
• Access policies, roles, and entitlements
• Authentication and authorization best practices
• Integration with enterprise applications and APIs

4. Reverse Proxy Technologies

• Reverse proxy design and configuration
• Load balancing concepts
• SSL/TLS termination
• Traffic routing, URL rewriting, application publishing

5. Federated Identity Protocols

OIDC (OpenID Connect)

• Authorization Code Flow
• Implicit Flow
• PKCE
• Token lifecycle and introspection

SAML 2.0

• SP-initiated and IdP-initiated flows
• Assertion handling, signing, encryption
• Metadata management

6. Nice-to-Have Skills

• CIAM / IAM / WAF tools:
• Ping Identity, ForgeRock, Okta, Keycloak, Auth0, Azure AD B2C
• F5 ASM / ADV WAF, Imperva, Barracuda, Akamai Kona
• Containerization: OpenShift, Kubernetes
• Monitoring tools: Splunk, ELK, Grafana
• Scripting: Python, Bash, Ansible

Competencies

• Agile Way of Working
• Cyber Security
• Okta
• ForgeRock Access Management
• Microsoft Identity & Access Management
• IAM Implementation, Design & Architecture