84.51˚
Lead Identity Platform Engineer* (P3169)
84.51˚, Deerfield, Illinois, United States, 60063
84.51° Overview
84.51° is a retail data science, insights and media company. We help The Kroger Co., consumer packaged goods companies, agencies, publishers and affiliates create more personalized and valuable experiences for shoppers across the path to purchase.
Powered by cutting-edge science, we utilize first-party retail data from more than 62 million U.S. households sourced through the Kroger Plus loyalty card program to fuel a more customer-centric journey using 84.51° Insights, 84.51° Loyalty Marketing and our retail media advertising solution, Kroger Precision Marketing.
Join us at 84.51°!
As Lead Identity Platform Engineer , you will have the opportunity to help modernize the identity and access management systems and tools used for our commercial platforms and services at 84.51°. We are looking for a knowledgeable, creative identity engineer that can lead and participate in architectural discussions, use their subject matter expertise in identity and access management to make recommendations for our authentication and authorization systems, and ultimately plan and implement solutions with other identity and shared commercial technology engineers. This position will contribute to the design and implementation of authentication and authorization for our web application ecosystem, providing best practices for our developers, and will support identity initiatives related to our API products.
Responsibilities
Take ownership of and drive delivery of authentication and authorization solutions across our commercial web application ecosystem by:Leading design and development of identity solutions using a combination of off the shelf tools and homegrown applicationsParticipating in architectural discussions related to authentication and authorizationContributing to our identity systems as a developer, building prototypes, and evaluating open source and commercial productsEnabling and supporting engineering initiatives related to API authentication and authorizationActing as an identity subject matter expert and resource for other engineers and stakeholders at 84.51°Qualifications
Bachelor’s degree in Computer Science or related program, or commensurate work experience3+ years of experience implementing authentication and authorization solutions for commercial applications and/or intranet/business to business systems in an enterpriseIn-depth knowledge of full-stack web application architecture and current best practices for implementing authentication and authorization for web applications (Spring Boot+ Angular) and APIsProficiency in current frameworks, specifications, topics and trends within the identity field or related to identity security, including OAuth2.0/OpenID Connect, SAML, JOSE (JWT/JWK), etc.2+ years implementing and integrating on-premise and cloud-based identity providers such as Okta, Azure B2C, Keycloak, Identity Server, etc. and directory systems such as AD LDS/LDAP, Azure AD/Entra ID, etc.Experience with Object-Oriented programming in Java (especially using Spring Boot); enough experience to provide model auth-n/auth-z implementations for developers to follow, develop proofs-of-concepts, and contribute to libraries and backend service codeProficiency with standard authorization models such as RBAC, ABAC, and ReBACFamiliarity with policy information, enforcement, and decision systems such as Open Policy Agent, OpenFGA, Topaz, etc.Experience working with API gateways and an understanding of how they work and fit into an enterprise environmentProficient using RESTful APIsFamiliarity with additional web (Javascript, Python, Go, etc.) and scripting (PowerShell, etc.) languages preferredExperience with infrastructure-as-code via Terraform preferredComfortable performing version control in GIT and GitHubUnderstanding of CI/CDUnderstanding of non-functional qualities of application maintenance such as monitoring, logging, and alerting in tools like DatadogImportant:
We are unable to sponsor or take over sponsorship of an employment Visa at this time for this position. Applicants must be authorized to work for ANY employer in the U.S.
This is a Hybrid position. Candidates must be able to come into the office on Monday, Tuesday, and Wednesday of each week. We have locations in Cincinnati, OH, Chicago, IL, Deerfield, IL, New York, NY, and Portland, OR.There are no remote options for this position.
#J-18808-Ljbffr
84.51° is a retail data science, insights and media company. We help The Kroger Co., consumer packaged goods companies, agencies, publishers and affiliates create more personalized and valuable experiences for shoppers across the path to purchase.
Powered by cutting-edge science, we utilize first-party retail data from more than 62 million U.S. households sourced through the Kroger Plus loyalty card program to fuel a more customer-centric journey using 84.51° Insights, 84.51° Loyalty Marketing and our retail media advertising solution, Kroger Precision Marketing.
Join us at 84.51°!
As Lead Identity Platform Engineer , you will have the opportunity to help modernize the identity and access management systems and tools used for our commercial platforms and services at 84.51°. We are looking for a knowledgeable, creative identity engineer that can lead and participate in architectural discussions, use their subject matter expertise in identity and access management to make recommendations for our authentication and authorization systems, and ultimately plan and implement solutions with other identity and shared commercial technology engineers. This position will contribute to the design and implementation of authentication and authorization for our web application ecosystem, providing best practices for our developers, and will support identity initiatives related to our API products.
Responsibilities
Take ownership of and drive delivery of authentication and authorization solutions across our commercial web application ecosystem by:Leading design and development of identity solutions using a combination of off the shelf tools and homegrown applicationsParticipating in architectural discussions related to authentication and authorizationContributing to our identity systems as a developer, building prototypes, and evaluating open source and commercial productsEnabling and supporting engineering initiatives related to API authentication and authorizationActing as an identity subject matter expert and resource for other engineers and stakeholders at 84.51°Qualifications
Bachelor’s degree in Computer Science or related program, or commensurate work experience3+ years of experience implementing authentication and authorization solutions for commercial applications and/or intranet/business to business systems in an enterpriseIn-depth knowledge of full-stack web application architecture and current best practices for implementing authentication and authorization for web applications (Spring Boot+ Angular) and APIsProficiency in current frameworks, specifications, topics and trends within the identity field or related to identity security, including OAuth2.0/OpenID Connect, SAML, JOSE (JWT/JWK), etc.2+ years implementing and integrating on-premise and cloud-based identity providers such as Okta, Azure B2C, Keycloak, Identity Server, etc. and directory systems such as AD LDS/LDAP, Azure AD/Entra ID, etc.Experience with Object-Oriented programming in Java (especially using Spring Boot); enough experience to provide model auth-n/auth-z implementations for developers to follow, develop proofs-of-concepts, and contribute to libraries and backend service codeProficiency with standard authorization models such as RBAC, ABAC, and ReBACFamiliarity with policy information, enforcement, and decision systems such as Open Policy Agent, OpenFGA, Topaz, etc.Experience working with API gateways and an understanding of how they work and fit into an enterprise environmentProficient using RESTful APIsFamiliarity with additional web (Javascript, Python, Go, etc.) and scripting (PowerShell, etc.) languages preferredExperience with infrastructure-as-code via Terraform preferredComfortable performing version control in GIT and GitHubUnderstanding of CI/CDUnderstanding of non-functional qualities of application maintenance such as monitoring, logging, and alerting in tools like DatadogImportant:
We are unable to sponsor or take over sponsorship of an employment Visa at this time for this position. Applicants must be authorized to work for ANY employer in the U.S.
This is a Hybrid position. Candidates must be able to come into the office on Monday, Tuesday, and Wednesday of each week. We have locations in Cincinnati, OH, Chicago, IL, Deerfield, IL, New York, NY, and Portland, OR.There are no remote options for this position.
#J-18808-Ljbffr