Назад
1 месяц назад

Identity and Access Specialist (Security)

Формат работы
onsite
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
Sweden
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Identity and Access Specialist (Security): Designing and building the identity and access management system for an AI-powered software creation platform with an accent on authentication flows, RBAC, and multi-tenancy isolation. Focus on migrating to a composable identity layer, ensuring secure-by-default auth for generated apps, and managing secrets infrastructure at scale.

Location: On-site in Stockholm, Sweden

Company

Lovable is an AI-powered software creation platform that enables millions of users to rapidly generate and deploy production-ready applications.

What you will do

  • Design and build the identity and access management system for both the platform and user-generated apps.
  • Implement authentication flows including OAuth 2.0, OIDC, magic links, social logins, and MFA.
  • Develop a robust authorization model featuring RBAC, row-level security, and API key management.
  • Own multi-tenancy isolation to ensure secure separation of user apps, data, and credentials.
  • Manage secrets infrastructure for secure storage and rotation of database credentials and service tokens.
  • Migrate identity services from a bundled setup to a fully owned, composable identity layer.

Requirements

  • Deep expertise in IAM: OAuth 2.0, OIDC, SAML, JWT, and token lifecycle management.
  • Experience building and operating auth systems at scale within multi-tenant SaaS or PaaS contexts.
  • Strong security mindset focused on preventing credential leakage, privilege escalation, and token theft.
  • Proficiency with RBAC/ABAC models and row-level security in Postgres.
  • Comfortable using TypeScript across backend services and API layers.
  • Proven experience migrating auth systems in production without breaking user sessions.

Nice to have

  • Experience with secrets management tools such as Vault or AWS Secrets Manager.
  • Background in compliance-relevant auth work (SOC 2, GDPR, HIPAA).
  • Familiarity with Supabase Auth internals (GoTrue) or similar open-source auth servers.
  • Experience designing authentication for AI-generated or low-code applications.
  • Knowledge of managed cloud services (AWS, GCP) and buy-vs-build tradeoffs for identity infrastructure.

Culture & Benefits

  • Opportunity to work with a modern tech stack including Golang, Rust, React, and various cloud providers (GCP, AWS, Cloudflare).
  • High-trust, high-impact role at the intersection of security, product, and platform engineering.
  • Collaborative environment working closely with AI and product teams to implement secure-by-default features.
  • Focus on building scalable, production-grade services that power hundreds of thousands of apps daily.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →