Principal Identity and API Architect (Adtech)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Principal Identity and API Architect (Adtech): Designing and owning an end-to-end identity platform and API security strategy for a programmatic marketplace with an accent on authentication, authorization, and API governance. Focus on building scalable multi-tenant authorization models, implementing OIDC/OAuth 2.0 flows, and managing complex identity integrations for publishers and demand partners.
Location: New York, New York, United States
Salary: $175,000 - $250,000 USD
Company
is an advertising platform that elevates digital advertising through beautiful creative, quality publishers, and smart targeting.
What you will do
- Architect and own the end-to-end identity platform, including tenant models, SSO integrations, and machine-to-machine authentication.
- Design and implement Auth0 tenant architecture, custom domains, and token lifecycle management.
- Define and enforce OAuth 2.0 and OIDC flows (PKCE, M2M) to ensure secure authentication for all platform participants.
- Build multi-tenant authorization models using OpenFGA or comparable ReBAC systems (e.g., SpiceDB, Ory Keto).
- Own the API gateway layer, designing rate limiting, scoped token validation, and mTLS enforcement across Traefik, Kong, or AWS.
- Lead identity integrations for publishers (SAML 2.0, OIDC) and demand-side partners (DSP/Agency API authentication).
Requirements
- 8+ years of software engineering or platform architecture experience, with 4+ years focused on identity, IAM, or API security.
- 2+ years of hands-on production experience with Okta's Auth0.
- Production experience with OpenFGA or a comparable relationship-based access control (ReBAC) system.
- Deep fluency in OAuth 2.0, OpenID Connect, SAML 2.0, JWT, and JWKS.
- Demonstrated experience with AWS identity and API infrastructure (IAM, API Gateway, Lambda authorizers, Cognito).
- Proficiency in at least one backend language such as Go, Java, or Python.
Culture & Benefits
- Comprehensive Medical, Dental, and Vision plans.
- Flexible Paid Time Off (PTO) policy.
- 401k plan with employer match.
- Positive, collaborative, and compassionate team environment.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →