Job description
We are seeking a highly skilled and experienced Senior Developer with deep expertise in authentication and authorization to join our team. The ideal candidate will have a strong background in designing, implementing, and securing authentication and authorization systems, with hands-on experience in OAuth, Keycloak, JWT tokens, and modern security protocols. You will play a key role in building secure, scalable, and user-friendly authentication solutions for our applications.
Key Responsibilities:
Design, develop, and maintain secure authentication and authorization systems
Implement OAuth 2.0 and OpenID Connect (OIDC) protocols for secure user authentication and authorization.
Configure and manage Keycloak or similar identity and access management (IAM) solutions
Implement and manage JSON Web Tokens (JWT) for secure token-based authentication
Handle token generation, validation, and expiration policies; ensure secure storage and transmission of tokens.
Implement second-factor authentication (2FA) mechanisms, such as TOTP (Time-Based One-Time Password), SMS-based OTP, or hardware tokens; integrate 2FA into existing authentication flows
Design and implement challenge-response authentication mechanisms for enhanced security
Ensure secure handling of client secrets, API keys, and other sensitive credentials
Develop and maintain RESTful APIs using Spring Boot
Implement secure and scalable backend services for authentication and authorization; ensure APIs adhere to best practices for performance, security, and maintainability
Build reactive and non-blocking systems using Spring WebFlux or other reactive frameworks and optimize applications for high concurrency and low latency
Enforce security best practices for authentication and authorization, including secure password policies, encryption, and secure session management
Conduct security audits and vulnerability assessments for authentication systems
Collaborate with cross-functional teams, including product managers, security teams, and DevOps, to deliver secure and scalable solutions; mentor junior developers and provide technical leadership in authentication and authorization
Document authentication and authorization workflows, policies, and procedures
Ensure compliance with industry standards and regulations, such as GDPR, HIPAA, or PCI-DSS.
Strong proficiency in Java and experience with modern Java frameworks and libraries
Strong knowledge of OAuth 2.0, OpenID Connect (OIDC), and SAML
Hands-on experience with Keycloak or similar IAM solutions
Proficiency in working with JWT tokens and understanding of token-based authentication flows (e.g., Authorization Code Flow, Implicit Flow, Client Credentials Flow)
Experience with second-factor authentication (2FA) and multi-factor authentication (MFA)
Familiarity with challenge-response mechanisms and secure credential management
Extensive experience with Spring Boot for building RESTful APIs and strong understanding of REST API design principles and best practices.
Experience with Spring Security for implementing authentication and authorization
Proficiency in reactive programming using Spring WebFlux, Project Reactor, or similar frameworks; experience building non-blocking, event-driven systems
Strong understanding of cryptographic principles, including encryption, hashing, and digital signatures; knowledge of secure coding practices and common vulnerabilities (e.g., OWASP Top 10)
Excellent problem-solving, analytical, communication and collaboration skills
Ability to work independently and lead technical initiatives.
Preferred Qualifications:
Experience with OAuth 2.1 and emerging authentication standards
Knowledge of FIDO2 and WebAuthn for passwordless authentication
Familiarity with DevSecOps practices and tools
Experience with cloud platforms, such as AWS, Azure, or Google Cloud, and their IAM services.
Challenging projects in a highly professional, but also collaborative and supportive environment
Working in small and excellently skilled teams
Opportunities for your continuous professional development
Competitive compensation depending on experience and skills
Private Health Insurance options for you and your family members
Meal vouchers
Hybrid and Remote work options, with provided parking for office commuters
Service Recognition Awards, our way of celebrating and rewarding long-term contributions
Awesome Referral Bonus Program, because great people know great people
Team gatherings and team-building activities to foster connections, a sense of belonging and camaraderie.