Principal Engineer - CIAM & Web Security SME

Position Summary

Potential candidate is a technical leader responsible for designing, developing, and maintaining secure, high-performance software systems. This role combines hands-on development with architectural guidance, mentorship, and operational excellence. The engineer will drive technical initiatives, shape CIAM/AuthN/AuthZ systems, and collaborate across teams to deliver scalable, resilient solutions aligned with long-term business strategy.

Must-Have Requirements

• Technical Mastery: Extensive experience in designing, developing, and maintaining scalable server-side applications using Java (Spring Boot), Node.js, Python, and modern frameworks.
• Cloud Architecture: Proven expertise in building, deploying, and managing cloud-native applications on Azure (APIM, Gateway, AKS, Functions, App Service, Observability, Key Vault).
• Security Protocols: Deep understanding of security best practices, including SAML, OAuth2, OIDC, JWT, SSO, MTLS, WAF, identity management, and session management.
• DevOps & CI/CD: Hands-on experience with CI/CD pipelines and tools (Azure DevOps, Jenkins, Docker, Kubernetes & ArgoCD).
• IAM Expertise: Significant background in IAM, including single sign-on, PKI, PSD2 SCA, and possession-based authentication. Experience with Webseal, Okta, PingIdentity, Microsoft EntraID, or AWS IAM. Ability to troubleshoot CIAM issues.
• Database Skills: Strong proficiency in identity and demographic data stores - SQL (SQL Server, PostgreSQL, MySQL) and NoSQL (MongoDB, Redis, Snowflake) databases.
• Performance Optimization: Demonstrated ability to tune and optimize application performance in distributed cloud environments; familiarity with monitoring tools like newRelic or Dynatrace.
• Collaboration: Proven track record of working with cross-functional teams (infrastructure, securityOps, product, architects, DevOps, security, QA).
• Mentorship: Experience leading code reviews, technical mentorship, and team knowledge sharing.
• Technical Staff Hiring: Ability to participate in screening, selection of staff & participation in interview panels.

Should-Have Requirements

• API Design: Experience architecting and building RESTful and GraphQL APIs, ensuring security, performance and efficiency.
• Event-Driven Systems: Ability to design and implement event-driven and distributed systems for large-scale data processing and real-time workflows.
• ETL & Data Modeling: Experience writing and optimizing SQL queries and ETL pipelines for analytics support.
• Infrastructure as Code: Familiarity with OpenTofu/Terraform and infrastructure automation practices.
• Testing Methodologies: Champion BDD/TDD methodologies for system reliability and maintainability.
• Production Monitoring: Proactive monitoring of production systems for high availability and fast incident resolution.
• Security assessment: Participate in threat modeling, security assessments, and code reviews to identify and remediate potential security vulnerabilities. Auditing needs, working with security teams and transform it to application requirements.

Recommended Qualifications

• Leadership: Experience influencing technical direction, mentoring junior engineers, and driving engineering standards.
• Strategic Thinking: Ability to balance immediate business needs with long-term technical scalability and innovation.
• Industry Certifications: Relevant certifications in identity management, cloud, security, or software architecture (e.g., Azure Solutions Architect, CISSP, CIAM and privacy industry certifications).
• Business Acumen: Understanding of business value, cost implications, and strategic impact of technical decisions.
• Continuous Learning: Commitment to staying current with technology trends, best practices, and emerging tools.

Responsibilities

• Lead the design, development, and maintenance of scalable applications and APIs.
• Architect and implement secure, cloud-native solutions.
• Drive CI/CD automation and DevOps best practices.
• Mentor and guide engineering teams.
• Collaborate with stakeholders to clarify requirements and deliver impactful solutions.
• Ensure system reliability, performance, and maintainability.
• Participate in roadmap planning and strategy sessions.
• Promote simplicity, maintainability, and technical excellence.