Назад
Company hidden
4 дня назад

Principal Identity and API Architect (Adtech)

175 000 - 250 000$
Формат работы
onsite
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Principal Identity and API Architect (Adtech): Designing and owning an end-to-end identity platform and API security strategy for a programmatic marketplace with an accent on authentication, authorization, and API governance. Focus on building scalable multi-tenant authorization models, implementing OIDC/OAuth 2.0 flows, and managing complex identity integrations for publishers and demand partners.

Location: New York, New York, United States

Salary: $175,000 - $250,000 USD

Company

hirify.global is an advertising platform that elevates digital advertising through beautiful creative, quality publishers, and smart targeting.

What you will do

  • Architect and own the end-to-end identity platform, including tenant models, SSO integrations, and machine-to-machine authentication.
  • Design and implement Auth0 tenant architecture, custom domains, and token lifecycle management.
  • Define and enforce OAuth 2.0 and OIDC flows (PKCE, M2M) to ensure secure authentication for all platform participants.
  • Build multi-tenant authorization models using OpenFGA or comparable ReBAC systems (e.g., SpiceDB, Ory Keto).
  • Own the API gateway layer, designing rate limiting, scoped token validation, and mTLS enforcement across Traefik, Kong, or AWS.
  • Lead identity integrations for publishers (SAML 2.0, OIDC) and demand-side partners (DSP/Agency API authentication).

Requirements

  • 8+ years of software engineering or platform architecture experience, with 4+ years focused on identity, IAM, or API security.
  • 2+ years of hands-on production experience with Okta's Auth0.
  • Production experience with OpenFGA or a comparable relationship-based access control (ReBAC) system.
  • Deep fluency in OAuth 2.0, OpenID Connect, SAML 2.0, JWT, and JWKS.
  • Demonstrated experience with AWS identity and API infrastructure (IAM, API Gateway, Lambda authorizers, Cognito).
  • Proficiency in at least one backend language such as Go, Java, or Python.

Culture & Benefits

  • Comprehensive Medical, Dental, and Vision plans.
  • Flexible Paid Time Off (PTO) policy.
  • 401k plan with employer match.
  • Positive, collaborative, and compassionate team environment.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →