Senior Architect

3 weeks ago


Gandhinagar, India Persistent Systems Full time

About Position:


We are hiring for Senior Architect in IAM (Keycloak & Microsoft Entra ID) with hands on experience in IAM, 3+ in Keycloak, 3+ in Entra ID).


  • Role: Senior Architect
  • Location: All Persistent Locations
  • Experience: 12-16 Years
  • Job Type: Full Time Employment


What You'll Do:


  • Must to have: IAM Architecture (SAML, OIDC, OAuth2, SCIM, MFA, Conditional Access) Keycloak realm design, custom providers (SPI), themes, LDAP/AD, clustering, HA Microsoft Entra ID app registrations, External ID (B2C), IEF/custom policies, Graph API Identity governance & lifecycle (joiner–mover–leaver), JustInTime & SCIM provisioning Cloud security patterns, Zero Trust, secrets, certificates, Terraform/GitOps, Kubernetes
  • Nice-to-have: Azure, Kubernetes/containers, CI/CD, SOC2/ISO 27001/NIST experience, PAM Detailed Job Description Role: Senior Architect – Identity & Access Management (Keycloak & Microsoft Entra ID) About the Role We are seeking a seasoned IAM Architect to own the strategy, architecture, and delivery of our identity platform spanning Keycloak and Microsoft Entra ID. You'll define reference architectures, lead solution design for SSO/federation, govern access and lifecycle, and partner with product, security, and platform teams to deliver a secure, scalable, developerfriendly identity fabric.
  • Architecture & Strategy Define and evolve the enterprise identity reference architecture (workforce, B2B, B2C).
  • Establish standards for SSO, federation, token lifecycles, secrets, certificates, and Zero Trust enforcement.
  • Create roadmaps for modernization (onprem cloud/hybrid), legacy deprecation, and consolidation.
  • Keycloak Ownership Design realms, clients, roles, groups, and fine-grained authorization models. Implement custom Service Provider Interfaces (SPIs), authentication flows, and identity brokering.
  • Build themes/branding for B2C; integrate LDAP/AD; configure JDBC storage, session policies, and crossrealm flows.
  • Productionize Keycloak: clustering, HA, backup/DR, observability (Prometheus/Grafana), performance tuning. Automate realm/client configuration via Terraform/Helm; manage GitOps pipelines.
  • Microsoft Entra ID (Azure AD) Architect app registrations, enterprise apps, Conditional Access, MFA, Identity Protection. Lead External ID (formerly B2C) designs using custom policies (IEF), user journeys, social logins, and OIDC/OAuth2 flows.
  • Implement SCIM and JIT provisioning; manage entitlement models with groups/roles and access packages (if using Entra ID Governance).
  • Integrate with workloads using MSAL, Graph API, and Managed Identities. Identity Governance & Lifecycle Design joiner–mover–leaver processes, RBAC/ABAC, SoD controls, and periodic access reviews.
  • Define target operating model for identity operations, auditability, and evidence collection.
  • Security & Compliance Apply best practices aligned to NIST, ISO 27001, CIS, SOC2, and data protection obligations.
  • Drive threat modeling for identity flows (phishing-resistant MFA, replay protection, token hardening).
  • Delivery & Leadership Lead solutioning, estimations, and architecture governance; create HLD/LLD, sequence diagrams, and decision records.
  • Mentor engineers; collaborate with app teams to onboard apps to Keycloak/Entra ID using OIDC/SAML patterns. Manage vendor/partner engagements and cost optimization for identity platforms.


Expertise You'll Bring:


  • 12+ years of overall experience, with 5+ years dedicated to IAM architecture/engineering.
  • 3+ years hands-on with Keycloak in production (including recent Quarkus versions).
  • 3+ years with Microsoft Entra ID (Azure AD), including Conditional Access/MFA and External ID (B2C).
  • Expert in OIDC, OAuth2, SAML 2.0, SCIM, token handling (JWT, refresh token lifecycles), and PKCE.
  • Experience with hybrid identity (onprem AD, Azure AD Connect/Cloud Sync) and identity federation.
  • Strong with Terraform, Kubernetes/Containers, CI/CD, GitOps, REST/Graph APIs.
  • Proven track record producing HLD/LLD, architecture decision records (ADRs), and reference implementations.
  • Preferred / Nice to Have Azure: Azure AD Domain Services, Key Vault, Azure Monitor, Application Gateway/WAF, API Management.
  • PAM (e.g., CyberArk), secrets management, certificate automation (ACME, EST).
  • Performance tuning of auth services; cache strategies (e.g., Infinispan), sticky sessions, session replication. Knowledge of WebAuthn/FIDO2, device trust, and phishing-resistant MFA.
  • Regulatory experience: PCI DSS, SOX, HIPAA, GDPR (customize per industry).
  • Tools & Technologies IAM: Keycloak (Quarkus), Microsoft Entra ID (Azure AD), Entra External ID, Entra ID Governance Standards: OIDC, OAuth2, SAML, SCIM, JWT/JWS/JWE, WebAuthn/FIDO2 Integration: MSAL, Microsoft Graph API, Keycloak Admin API Infra/DevOps: Terraform, Helm, Kubernetes, Docker, GitHub/GitLab, Azure DevOps, ArgoCD Observability: Prometheus, Grafana, ELK/EFK, Azure Monitor, App Insights
  • Education & Certifications Bachelor's/Master's in Computer Science, Information Security, or equivalent experience.
  • Nice to have: Microsoft Identity & Access Administrator (SC-300), Azure Solutions Architect (AZ305), CISSP/CCSP, Okta/Forgerock (for comparative architecture).


Benefits:


  • Competitive salary and benefits package
  • Culture focused on talent development with quarterly growth opportunities and company-sponsored higher education and certifications
  • Opportunity to work with cutting-edge technologies
  • Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards
  • Annual health check-ups
  • Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents


Values-Driven, People-Centric & Inclusive Work Environment:


Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds.


  • We support hybrid work and flexible hours to fit diverse lifestyles.
  • Our office is accessibility-friendly, with ergonomic setups and assistive technologies to support employees with physical disabilities.
  • If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment


Let’s unleash your full potential at Persistent - persistent.com/careers


“Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind.”



  • Gandhinagar, India Infotechtion Full time

    We are looking for - .Net and Azure Developer/Architect. 📍 Location: Remote (India only)  📅 Employment Type: Full-Time, Permanent  📈 Seniority Level: Senior (5-8 years of experience)     🚀 Join Infotechtion – Where cloud innovation meets real impact.  We are seeking a .NET and Azure Developer and...

  • Principal Architect

    2 weeks ago


    Gandhinagar, India School of Planning, Architecture, Design and Environment Full time

    Education qualification of M.Arch from a reputed institute with minimum 16+ years in Teaching experience. **JOB SUMMARY: - ** Provides the highest level of technical expertise in the field of architecture; responsible for the most complex architectural design assignments for Metropolitan; and provides final approval of work within their technical...

  • Junior Architect

    3 weeks ago


    Gandhinagar, GJ, IN Prodigy Placement LLP Full time

    Position Junior Architect Interior Designer Experience 6 months- 1 year Industry Interior Designer Location Kudasan Gandhinagar Job Summary We are seeking a passionate and detail-oriented Junior Architect or Interior Designer to join our team in Kudasan Gandhinagar The ideal candidate should have 6 months to 1 year of hands-on...


  • Gandhinagar, India Patch the Skill Full time

    Job DescriptionThis is a part-time opportunity We are looking for a Senior Solution Architect to deliver technical training on Enterprise Architecture, Cloud (AWS & Azure), DevOps, Containerization, and Cloud Migration. Experience in designing training content and leading virtual sessions is essential. Should have exposure to Generative AI (GenAI) and its...


  • Gandhinagar, India X-axis Interiors Full time

    Company Description X-axis Interiors is a leading interior designing and contracting firm in India, with over 10 years of experience in the field. Our team comprises experienced architects, interior designers, and skilled workforce proficient in handling a wide range of projects, including commercial organizations and private independent projects. We are...


  • Gandhinagar, India 360tf Full time

    We are looking for a Senior Frontend Engineer with deep expertise in either Flutter or Angular and solid working knowledge of the other. You will play a critical role in building and maintaining scalable, high-performance mobile and web applications with modern architectural patterns and state-of-the-art tools. This is an opportunity to contribute...


  • Gandhinagar, Gujarat, India Prodigy Placement LLP Full time ₹ 24,00,000 - ₹ 63,68,500 per year

    Job Title: Senior Civil Site EngineerLocation: GandhinagarDepartment: Civil / Construction ProjectsReports To: Project Manager / Construction HeadSalary: Up to 65kJob Summary:We are seeking a highly skilled and experienced Senior Civil Site Engineer to oversee, monitor, and execute civil construction activities on-site. The role involves supervising site...


  • Gandhinagar, India Connect Tech+Talent Full time

    NetSuite Solution ArchitectRemote (India)Full TimeResponsibilities NetSuite Implementation and Optimization Lead the end-to-end implementation of NetSuite, ensuring seamless integration across all relevant business functions Optimize NetSuite configurations to leverage the full suite of NetSuite functionality Develop and implement best practices...


  • Gandhinagar, Gujarat, India Fintech Global Center Full time ₹ 20,00,000 - ₹ 25,00,000 per year

    Job Title:AWS Cloud EngineerLocation:GIFT City, Gandhinagar, GujaratCompany:Fintech Global Private Pvt LtdJob Type:Full-timeJob Description:We are seeking an experienced and motivated AWS Cloud Engineer to design, build, manage, and optimize our AWS cloud infrastructure. In this role, you will work closely with development and business teams to ensure our...


  • Gandhinagar, India Elgebra Full time

    Candidates must have a background in Computer Science and EngineeringMust be graduates from top engineering collegesMust have experience working in startups or product-based companies Job Title: Senior Frontend DeveloperLocation: Bengaluru, KarnatakaExperience Level: Senior (Minimum 6+ years)About the RoleWe are seeking a highly skilled and motivated Senior...