This is a remote job position. ### At Ibertech, we are looking for a **Solutions Architect** profile to collaborate with one of our leading banking sector clients. **Location:** Madrid **Mode:** Remote **Project Duration:** Stable, long-term position. **Profile:** Security Cloud Architect with 5 years of experience performing similar roles. **Responsibilities:** Support the architecture team (GenAI Gateway, or other projects) in the definition, design, and technical validation of security flows between internal and external systems — with special focus on: * Authentication, authorization, and identity federation. * Secure connection with SaaS services and cloud APIs. * Functional POCs connecting infrastructure components and corporate services. Definition of reusable connection and security patterns across domains within the banking entity. * **Detailed responsibilities:** 1\. Design of Authentication and Authorization Flows * Modeling of OAuth2 / OIDC / SAML2 / Mutual TLS flows. * Definition of identity federation between the bank and third parties (SaaS, partners, cloud providers). * Integration with Identity Providers (Azure AD, Okta, Ping, ForgeRock, Keycloak, etc.). * Support for token exchange, scopes, refresh flows, etc. Review of secure delegation (app\-to\-app, user\-to\-app, machine\-to\-machine). * 2\. Secure SaaS Bank Integration * Evaluate and execute POCs for connections between cloud services (e.g., OpenAI, Salesforce, ServiceNow, M365, etc.) and the banking core, going through firewalls, proxies, gateways, etc. * Design hybrid flows with secure connectivity (VPN, Private Link, API Gateway, reverse proxy, etc.). Definition of perimeter security patterns, hardening, secrets management, and compliance (PII, GDPR, etc.). * 3\. Internal Component Integration * Define and test integration flows between internal domains (e.g., between microservices, gateways, brokers, data services, etc.). * Apply Zero Trust policies, network segmentation, access control, and visibility. Design mechanisms for observability and traceability of secure transactions. * 4\. POCs and Hands-on Testing * Set up lightweight test environments (sandbox or labs). * Reproducibly integrate APIs, Identity Providers, Gateways, and SaaS platforms. * Validate using practical tools (Postman, curl, Terraform, Docker, etc.). Document and convert POCs into blueprints or reusable patterns. * Are you interested and do you think you’re a good fit? Apply here or send your updated CV along with salary expectations to sara.gonzalez@ibertech.org and we will contact you. We're looking forward to hearing from you!