IAM Java Midpoint Engineer | Maastricht University

Maastricht University is looking for a TEMPORARY MIDPOINT ENGINEER (IAM)
to support the IAM Programme within the ICT Service Center (ICTS).

Due to the end-of-support of SAP IdM by the end of 2027 and the planned migration to MidPoint (Evolveum) Maastricht University is seeking as of Q1 2026 an experienced MidPoint Engineer to temporarily strengthen the Technology stream of the IAM programme.

DEADLINE & EMPLOYMENT CONDITIONS

IMPORTANT: This assignment runs until the end of Q1 2027.

Start date: During Q1 2026
End date: End of Q1 2027
Extension: Not applicable (project-based assignment)
Workload: Approx. 3 days per week
Location: Maastricht The Netherlands
On-site presence: 12 days weekly or bi-weekly (to be agreed)

Please note: This role cannot be fulfilled under a freelance/ZZP construction as the engineer will be embedded in the UM team and works under a formal authority relationship (Dutch DBA legislation).

WHY THIS ASSIGNMENT

Maastricht University is undertaking a strategic modernization of its Identity & Access Management (IAM) landscape. The new IAM solution must:

• Align with established IAM policies

• Mitigate organisational and security risks

• Be user-friendly and secure

• Provide efficient access for staff students guests and partner organisations

As a MidPoint Engineer you will play a key technical role in delivering this transformation within a complex academic IT environment with strong SAP integrations.

ABOUT THE IAM PROGRAMME & SCOPE

The IAM programme consists of several coordinated streams led by a Programme Manager:

• Technology (replacement of SAP IdM with MidPoint)

• Policy & Organisation

• HR

• Architecture

You will operate within the Technology stream reporting to an internal Project Lead and working closely with the IAM management team and other ICTS staff.

Scope (current phase)

This phase focuses on connecting the HR administration (SAP SuccessFactors) via an integration hub and provisioning to the following target systems:

• SAP SuccessFactors EC

• SAP S/4HANA (Cloud & On-Prem)

• SAP Ariba Suite

• SAP SAC

• SAP BTP

• SAP Business Warehouse

• Active Directory (directly connected; feeding Entra via MS Sync)

Provisioning to SAP target systems is facilitated via SAP IPS. Maastricht University is responsible for setting up the provisioning integration between MidPoint and SAP IPS.

Standardised provisioning will be implemented using protocols such as SCIM. For systems that do not support standard messages application owners will develop their own endpoints (IGA target connectors).

The integrations between MidPoint and the connected systems must support:

• Importing application roles into MidPoint (e.g. via CSV)

• Provisioning and de-provisioning of accounts and entitlements

• Reading users and roles for reconciliation processes

YOUR ROLE: MIDPOINT ENGINEER

There is currently no MidPoint expertise within the IAM management team or the broader ICTS department. You will bring this expertise while also ensuring knowledge transfer on the job.

Key responsibilities:

• Designing and elaborating a robust MidPoint implementation within the proposed IAM architecture

• Independently installing and configuring MidPoint in line with Evolveum engineering requirements

• Configuring IAM policies and workflows aligned with UM IAM policy

• Advising on build sequencing with clear distinction between Must-have and Should-have requirements

• Providing input for the programme risk log

• Connecting source and target systems

• Supporting SAP application integrations

• Facilitating role imports provisioning de-provisioning and reconciliation

• Actively coaching and transferring knowledge to IAM management team members

YOUR WORKING STYLE

• Analytical and structured

• Independent yet collaborative

• Knowledge-sharing and coaching mindset

• Solution-oriented

• Organisationally and governance-aware

• Comfortable operating in a complex university environment

MINIMUM REQUIREMENTS

• Proven experience with MidPoint implementations (minimum medior level preferably senior)

• Experience with IAM architectures and provisioning processes

• Experience connecting source and target systems

• Experience with SAP applications (SuccessFactors S/4HANA Ariba etc.)

• Basic Java knowledge is a plus

• Availability of approx. 3 days per week throughout the project duration

• Willingness to be on-site in Maastricht on a regular basis

• Strong communication skills

• Experience within large (semi-)public organisations is a plus

INTERESTED APPLY AS SOON AS POSSIBLE!
This assignment offers a unique opportunity to play a pivotal role in a large-scale IAM transformation at a leading European university.

Our Core values at TheHRchapter
Transparency: We believe in transparent and smooth recruitment processes. You will get feedback from us.

Candidate experience: Perfect blend between automated and humanized recruitment processes. Dont hesitate to ask us for feedback anytime.

Talented pool: We bring highly-skilled motivated candidates to our clients. Our candidates match their company values and management style.

Diversity and inclusion: There is no place for discrimination and intolerance. We care about diversity awareness and respect for any differences.