Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Identity and Access Specialist (Security): Designing and building the identity and access management system for an AI-powered software creation platform with an accent on authentication flows, RBAC, and multi-tenancy isolation. Focus on migrating to a composable identity layer, ensuring secure-by-default auth for generated apps, and managing secrets infrastructure at scale.
Location: On-site in Stockholm, Sweden
Company
Lovable is an AI-powered software creation platform that enables millions of users to rapidly generate and deploy production-ready applications.
What you will do
- Design and build the identity and access management system for both the platform and user-generated apps.
- Implement authentication flows including OAuth 2.0, OIDC, magic links, social logins, and MFA.
- Develop a robust authorization model featuring RBAC, row-level security, and API key management.
- Own multi-tenancy isolation to ensure secure separation of user apps, data, and credentials.
- Manage secrets infrastructure for secure storage and rotation of database credentials and service tokens.
- Migrate identity services from a bundled setup to a fully owned, composable identity layer.
Requirements
- Deep expertise in IAM: OAuth 2.0, OIDC, SAML, JWT, and token lifecycle management.
- Experience building and operating auth systems at scale within multi-tenant SaaS or PaaS contexts.
- Strong security mindset focused on preventing credential leakage, privilege escalation, and token theft.
- Proficiency with RBAC/ABAC models and row-level security in Postgres.
- Comfortable using TypeScript across backend services and API layers.
- Proven experience migrating auth systems in production without breaking user sessions.
Nice to have
- Experience with secrets management tools such as Vault or AWS Secrets Manager.
- Background in compliance-relevant auth work (SOC 2, GDPR, HIPAA).
- Familiarity with Supabase Auth internals (GoTrue) or similar open-source auth servers.
- Experience designing authentication for AI-generated or low-code applications.
- Knowledge of managed cloud services (AWS, GCP) and buy-vs-build tradeoffs for identity infrastructure.
Culture & Benefits
- Opportunity to work with a modern tech stack including Golang, Rust, React, and various cloud providers (GCP, AWS, Cloudflare).
- High-trust, high-impact role at the intersection of security, product, and platform engineering.
- Collaborative environment working closely with AI and product teams to implement secure-by-default features.
- Focus on building scalable, production-grade services that power hundreds of thousands of apps daily.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →