Senior Java Developer/Authentication Expert

We are seeking a highly skilled and experienced Senior Developer with deep expertise in authentication and authorization to join our team. The ideal candidate will have a strong background in designing, implementing, and securing authentication and authorization systems, with hands-on experience in Auth, Keycloak, JWT tokens, and modern security protocols. You will play a key role in building secure, scalable, and user-friendly authentication solutions for our applications.

Key Responsibilities:

• Design, develop, and maintain secure authentication and authorization systems
• Implement Auth 2.0 and OpenID Connect (OIDC) protocols for secure user authentication and authorization.
• Configure and manage Keycloak or similar identity and access management (IAM) solutions
• Implement and manage JSON Web Tokens (JWT) for secure token-based authentication
• Handle token generation, validation, and expiration policies; Ensure secure storage and transmission of tokens.
• Implement second-factor authentication (2FA) mechanisms, such as TOTP (Time-Based One-Time Password), SMS-based OTP, or hardware tokens; Integrate 2FA into existing authentication flows
• Design and implement challenge-response authentication mechanisms for enhanced security
• Ensure secure handling of client secrets, API keys, and other sensitive credentials
• Develop and maintain RESTful APIs using Spring Boot
• Implement secure and scalable backend services for authentication and authorization; ensure APls adhere to best practices for performance, security, and maintainability
• Build reactive and non-blocking systems using Spring WebFlux or other reactive frameworks and optimize applications for high concurrency and low latency
• Enforce security best practices for authentication and authorization, including secure password policies, encryption, and secure session management
• Conduct security audits and vulnerability assessments for authentication systems
• Collaborate with cross-functional teams, including product managers, security teams, and DevOps, to deliver secure and scalable solutions, also, mentor junior developers and provide technical leadership in authentication and authorization
• Document authentication and authorization workflows, policies, and procedures
• Ensure compliance with industry standards and regulations, such as GDPR, HIPAA, or PCI-DSS.

• Strong proficiency in Java and experience with modern Java frameworks and libraries
• Strong knowledge of Auth 2.0, OpeniD Connect (OIDC), and SAML
• Hands-on experience with Keycloak or similar IAM solutions
• Proficiency in working with JWT tokens and understanding of token-based authentication fl (e.g., Authorization Code Flow, Implicit Flow, Client Credentials Flow)
• Experience with second-factor authentication (2FA) and multi-factor authentication (MF)
• Familiarity with challenge-response mechanisms and secure credential management
• Extensive experience with Spring Boot for building RESTful APIs and strong understanding of REST API design principles and best practices.
• Experience with Spring Security for implementing authentication and authorization
• Proficiency in reactive programming using Spring WebFlux, Project Reactor, or similar frameworks; Experience building non-blocking, event-driven systems
• Strong understanding of cryptographic principles, including encryption, hashing, and digital signatures; Knowledge of secure coding practices and common vulnerabilities (e.g., OWASP Top)
• Excellent problem-solving, analytical, communication and collaboration skills
• Ability to work independently and lead technical initiatives.

Preferred Qualifications:

• Experience with Auth 2.1 and emerging authentication standards
• Knowledge of FIDO2 and WebAuthn for passwordless authenticatio
• Familiarity with DevSecOps practices and tools
• Experience with cloud platforms, such as AWS, Azure, or Google Cloud, and their IAM services.

• Challenging projects in a highly professional, but also collaborative and supportive environment
• Working in small and excellently skilled teams
• Opportunities for your continuous professional development
• Competitive compensation depending on experience and skills
• Hybrid and Remote work options, with provided parking for office commuters
• Service Recognition Awards, our way of celebrating and rewarding long-term contributions
• Awesome Referral Bonus Program, because great people know great people
• Team gatherings and team-building activities to foster connections, a sense of belonging and camaraderie.