• Design, build, and deploy AI‑powered and agentic workflows using Python within modern cloud‑native environments. • Own technical direction for AI/ML components, including architecture, orchestration, model integration, and performance optimization . • Partner with product, engineering, and client stakeholders to shape the roadmap for AI‑driven and autonomous system capabilities . • Evaluate and integrate LLMs, agent frameworks, vector search, embeddings, retrieval pipelines, and tool‑use orchestration into production systems. • Lead by example through high‑quality code, strong engineering practices, and thoughtful technical decision‑making. • Drive experimentation, prototyping, and rapid iteration to validate AI‑powered product ideas. • Ensure AI systems are reliable, observable, secure, and maintainable in production environments. • Mentor engineers and contribute to a culture of technical excellence and innovation.

Role Description We're looking for a Senior Software Engineer with deep Identity and Access Management (IAM) domain expertise to take ownership of a large-scale enterprise OIDC platform supporting thousands of users, hundreds of applications, and mission-critical authentication services. This is not a Kubernetes, DevOps, SRE, or infrastructure engineering role. It is a senior application engineering and identity architecture position focused on the design, operation, troubleshooting, and evolution of a custom-built authorization platform. You'll become the technical authority for the platform, leading complex investigations, guiding architectural decisions, mentoring other engineers, and driving the roadmap toward a modern, standards-based identity solution. The ideal candidate has hands-on experience building, operating, or extending identity platforms and authorization servers, with deep fluency in: - OAuth2 - OpenID Connect - JWTs - Claims - Scopes - Federation - MFA - Token lifecycle management - Authentication architecture You should be comfortable working in Node.js and TypeScript codebases, diagnosing production issues across application and data layers, and translating identity and security requirements into robust engineering solutions. This role operates with core collaboration hours of 6:00 PM – 12:00 AM IST to provide overlap with global teams. Outside of core hours, work is flexible and outcome-focused. Qualifications - 5+ years working with OAuth2 and OpenID Connect in production environments - Deep understanding of Authorization Code Flow, Client Credentials Flow, Device Authorization Flow, Token Exchange, JWT, JWK/JWKS, PKCE, Refresh Tokens, Federation, and Claims and Scopes - 5+ years of Node.js development - Strong TypeScript experience - Experience supporting and debugging production systems - Kubernetes experience - Elasticsearch and Redis experience - CI/CD and GitOps exposure - Production incident response experience Requirements - Own the operational health, reliability, and availability of the OIDC platform - Lead incident investigation and root cause analysis - Diagnose authentication, authorization, MFA, federation, and token-related failures - Develop operational runbooks and platform documentation - Design and implement enhancements to authentication and authorization workflows - Maintain OAuth2 and OIDC integrations - Support MFA technologies including TOTP, SMS, Email, WebAuthn, and passwordless authentication - Support federation with Active Directory and Azure Active Directory - Maintain token issuance, claims mapping, scopes, audiences, and client registrations - Develop and maintain Node.js and TypeScript services - Troubleshoot production issues through code analysis and debugging - Perform dependency upgrades and security remediation - Build automation and operational tooling - Assess migration paths toward modern identity platforms - Lead technical evaluations of platforms such as Zitadel, Keycloak, Authentik, or similar - Define migration strategies for applications, clients, claims, and identity data - Drive platform simplification and reduction of technical debt - Support Elasticsearch-backed identity data stores - Troubleshoot token, session, account, permission, and client data issues - Work with Kubernetes-based deployments and GitOps workflows - Support Redis, background processing, and synchronisation services - Participate in a shared on-call rotation - Assist with incident response, troubleshooting, root cause analysis, and continuous service improvements Benefits - Highly competitive salary - Ability to work anywhere in the world - Dynamic team environment - Engagement with interesting challenges in the technology/infrastructure space

Role Description We're looking for a Software Engineer with Identity and Access Management (IAM) domain experience to support and enhance an enterprise OpenID Connect platform used across a large application ecosystem. This is primarily an application engineering role, not a Kubernetes, DevOps, SRE, or infrastructure engineering position. You'll work on the identity platform itself, investigating authentication and authorization issues, onboarding applications, maintaining Node.js/TypeScript services, implementing platform enhancements, and troubleshooting complex OAuth2 and OpenID Connect workflows. The ideal candidate has hands-on experience building, supporting, or extending identity platforms and a strong understanding of: - OAuth2 - OpenID Connect - JWTs - Claims - Scopes - MFA - Identity federation You should be comfortable reading and modifying application code, debugging production issues, and diagnosing problems across application, data, and infrastructure layers. This role operates with core collaboration hours of 6:00 PM – 12:00 AM IST to provide overlap with global teams. Outside of core hours, work is flexible and outcome-focused. Qualifications - 2–4 years of experience working with OAuth2 and OpenID Connect - Understanding of Authorization Code Flow, Client Credentials Flow, JWT, PKCE, Claims and Scopes, MFA concepts, and Identity Federation Requirements - Node.js and TypeScript experience - REST API development - Git-based workflows - Kubernetes fundamentals - Linux administration - Monitoring and troubleshooting skills - Basic Elasticsearch knowledge Nice to have - Experience with oidc-provider, Keycloak, Zitadel, or Authentik - Active Directory or Azure AD / Entra ID Benefits - Highly competitive salary - Ability to work anywhere in the world - Dynamic team environment - Engagement in interesting challenges in the technology/infrastructure space

• Write high-quality, elegant, effective code • Share your learnings with the team from keeping up to date with industry trends and technology developments • Collaborate with the Scrum Master, Developer in Test, and Product Owners on story refinement and prioritization • Ensure code committed meets the definition of done • Identify and share relevant architectural patterns • Coach the team in the avoidance of anti-patterns • Lead by example in the use of test automation • Ensure the team keeps the CI/CD pipeline green • Guide the team in ensuring all code deployed to the trunk is in a shippable state • Perform code reviews for security, accuracy, and functionality • Create a culture of metrics and data to drive continuous improvement • Provide operational support for your products • Ensure the team meets its commitments and goals for each sprint, delivering high-quality code into production • Coach the team in the practice of continual code quality improvement • Ensure relevant regulatory and compliance goals are met • Work closely with Infosec to ensure Security's ‘shift left’ • Collaborate closely with the Operations team, promoting a DevOps culture • Mentor your fellow software engineers to help them achieve more than they thought possible