Senior Software Engineer – IAM, OIDC, OAuth

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Portainer.io

WebsiteLinkedInAll Job Openings

51 - 200 employees

☁️ SaaS

🏢 Enterprise

💰 $6.2M Series A on 2022-06

SaaS • Enterprise • Cloud Computing

Portainer. io is a universal container management platform that simplifies the adoption of container technologies like Docker, Kubernetes, and Swarm. The platform is designed for managing multi-cluster and multi-device environments, providing a unified user experience for hybrid and multi-cloud deployments. Portainer supports secure app deployment and device management, particularly for Industrial IoT and Edge computing scenarios. It is notable for its intuitive interface, robust features, and centralized control, making it a popular choice with over 1 million users worldwide for efficient, secure, and fast container management.

📋 Description

• Own the operational health, reliability, and availability of the OIDC platform • Lead incident investigation and root cause analysis • Diagnose authentication, authorization, MFA, federation, and token-related failures • Develop operational runbooks and platform documentation • Design and implement enhancements to authentication and authorization workflows • Maintain OAuth2 and OIDC integrations • Support MFA technologies including TOTP, SMS, Email, WebAuthn, and passwordless authentication • Support federation with Active Directory and Azure Active Directory • Maintain token issuance, claims mapping, scopes, audiences, and client registrations • Develop and maintain Node.js and TypeScript services • Troubleshoot production issues through code analysis and debugging • Perform dependency upgrades and security remediation • Build automation and operational tooling • Assess migration paths toward modern identity platforms • Lead technical evaluations of platforms such as Zitadel, Keycloak, Authentik, or similar • Define migration strategies for applications, clients, claims, and identity data • Drive platform simplification and reduction of technical debt • Support Elasticsearch-backed identity data stores • Troubleshoot token, session, account, permission, and client data issues • Work with Kubernetes-based deployments and GitOps workflows • Support Redis, background processing, and synchronisation services • Participate in a shared on-call rotation. • Assist with incident response, troubleshooting, root cause analysis, and continuous service improvements.

🎯 Requirements

• 5+ years working with OAuth2 and OpenID Connect in production environments • Deep understanding of Authorization Code Flow, Client Credentials Flow, Device Authorization Flow, Token Exchange, JWT, JWK/JWKS, PKCE, Refresh Tokens, Federation, and Claims and Scopes • 5+ years of Node.js development • Strong TypeScript experience • Experience supporting and debugging production systems • Kubernetes experience • Elasticsearch and Redis experience • CI/CD and GitOps exposure • Production incident response experience • Experience with panva/oidc-provider, Zitadel, Keycloak, or Authentik (Nice to have) • LDAP, Active Directory, or Azure AD / Entra ID (Nice to have) • WebAuthn / FIDO2 (Nice to have)

🏖️ Benefits

• Portainer is a leading tech company offering a broad benefits package including a highly competitive salary • Ability to work anywhere in the world while still being part of a dynamic team • Taking on some of the most interesting challenges in the technology/infrastructure space