/ System engineer
Work Environment
By developing secure, reliable and innovative network infrastructures and associated services with and for our communities, Belnet, as a national research network, helps build tomorrow's education, research and Public administration.
Belnet's mission is to operate a high-performance network for universities, colleges, research centres and government departments. The Belnet network is also the gateway to other research networks worldwide and is therefore an engine for (inter)national cooperation in education and research.
In addition, our network is a crucial building block for the federal government's digital services. As their IT partner, we contribute to an efficient use of available resources by maximising synergies and economies of scale.
The Managed Services department develops, manages, and maintains a wide range of services that Belnet offers on and above its network for research, education, and public institutions. These include DNS/DNSSEC, Certificates, SSO/Federation Services, Eduroam, Antispam, Cloud services, Filesender, identity & access solutions, and more.
Task Description
To strengthen its identity‑ and access‑related services, Belnet is looking for an Application Engineer with interest and knowledge in IAM and federation technologies.
As an Application Engineer – IAM & Federation, you contribute to the management, operation, and evolution of Belnet services related to authentication, authorization, and identity federation.You will work closely with senior engineers and application managers, progressively gaining autonomy in handling incidents, operational tasks, and small technical improvements. Your main focus will be SAML, OpenID Connect, Microsoft Entra ID, IAM platforms, and other authentication‑related service components, while also supporting other Belnet services when needed.
This role is ideal for someone with a strong technical basis who wants to grow into a IAM‑expert profile.
1)IAM & Federation Support and Operations
1. Participate in the daily operational management of identity and access services (federated login, SAML/SP integrations, OpenID Connect providers)
2. Support user onboarding, configuration updates, and troubleshooting of IAM services
3. Assist in integrations between Microsoft Entra ID (Azure AD), Shibboleth, SAML, and OIDC components.
2)Application Management
4. Support the lifecycle of applications: configuration, testing, updates, documentation
5. Assist colleagues in maintaining the functional and technical knowledge of the services
6. Handle second-line technical requests when within your expertise.
3)Technical Troubleshooting & Analysis
7. Investigate basic technical issues related to authentication flows, metadata, certificates, and service configuration
8. Work with logs, monitoring tools, and debugging techniques (with guidance as needed).
9. Support root-cause analysis and help prevent recurring issues.
4)Collaboration & Coordination
10. Work closely with the Managed Services team to ensure high service quality
11. Collaborate with colleagues from Services & Security, product management, Communication, and external suppliers
12. Participate in technical meetings and contribute to documentation and knowledge sharing
5)Learning & Continuous Development
13. Develop your skills in IAM, SAML/OIDC, cloud identity, and DevOps practices
14. Keep up with evolving standards (SAML2, OAuth2, OIDC, federation protocols)
15. Participate in training, workshops, communities, and internal knowledge sessions.
Profile Description
Required Education & Experience
16. University degree or IT bachelor or equivalent through experience
17. 1–3 years of experience in a technical IT role (system engineer, system engineer, application owner…) with exposure to IAM-intensive environments.
Technical Skills
18. Good understanding of SAML, OpenID Connect, and modern authentication concepts.
19. Good knowledge of federated IAM solutions with:
Authentication and authorization protocols (OAuth2, OpenID Connect)
Interoperability between Active Directory / Entra ID, Shibboleth, SimpleSaml, php, and other federation systems
Understanding of modern development practices (CI/CD, DevOps)
20. Basic knowledge of networking (TCP/IP, web access firewalls, routing, network security)
21. Knowledge of or experience with Microsoft Entra ID (Azure AD) and IAM principles
22. Familiarity with Linux environments (Ubuntu/RedHat) and basic system administration, including security hardening, log analysis.
23. Ability to read and troubleshoot logs
24. Basic scripting skills (Bash or Python) are an asset
25. Understanding of networking fundamentals (TCP/IP, DNS, HTTPS). •Interest in automation, DevOps, and open standards.
Soft Skills
26. Strong willingness to learn and grow into a more specialized role
27. Ability to translate customer requirements—including identity and access needs—into actionable improvements
28. Ability to collaborate within a team and take guidance from senior engineers
29. Analytical thinking and sense of responsibility.
30. Able to provide clear explanations and translate technical IAM concepts into accessible language
31. Solid knowledge of cloud environments (preferably open cloud)
32. Basic Programming skills in Java, PHP, or Python.
Assets
33. Strong interest in open-source technologies and Open Science ecosystems
34. Any exposure to identity federation (Shibboleth, ADFS, OAuth, OIDC)
35. Experience with Azure, cloud identity, or authentication flows.
36. Knowledge of open source tools and interest in IAM communities.
37. Basic knowledge of ITIL or service management
38. Dutch-speaking or French-speaking, with good English and basic knowledge of the second national language
39. Experience with automation tools (Ansible, Puppet)
40. Affinity with the research, education, or government sectors is a plus.
We offer
Our federal government is undergoing a major digital transformation: from cybersecurity challenges to digital communication, from network improvements supporting new ways of working to complex development projects and optimization of existing applications.
Would you like to contribute to this effort and create societal value, while also working on your personal development and having every opportunity to achieve your ambitions?
If so, we offer:
A clear mission in a stimulating work environment
A highly competitive salary package with a wide range of fringe benefits, including:
41. Hospitalization insurance
42. Meal vouchers Mobility benefits
43. Pension fund
In addition, we place great importance on a healthy work-life balance, with teleworking options available for most positions. Our offices are also easily accessible by public transport.
Deel deze vacature via
of