Role: Solution Architect — Authentication, Authorization and Profile Management
Location: Remote
Type of position: Contract-to-hire after 12 months
Job description:
What You’ll Do
•Own end-to-end solution architecture for AuthN/AuthZ/Profile, including SDKs, common patterns, and platform guardrails.
•Design relationship-based authorization (Zanzibar-style): relationship tuples/graph, permission language, and API surfaces (REST/gRPC).
•Define measurable NFRs: latency/throughput, availability, tenant isolation, RPO/RTO, and enforceable least privilege.
•Establish a load testing and sizing approach using available tooling; publish repeatable benchmarks.
•Integrate with IdPs and token flows; design service-to-service auth and secrets management.
•Design profile services contracts to unify client/staff context across portfolio experiences.
•Apply agentic AI safely to: assist policy modelling, generate regression tests, and detect risky changes (always with human approval).
•Lead governance: threat modelling, security reviews, ADRs, rollout plans, and runbooks; align with support model and SLA expectations.
Outcomes & Measures (examples)
•Reference architecture (C4 + sequence + deployment) + SDK plan published within 30 days.
•AuthZ model shipped with measurable targets and reproducible load test harness.
•Policy change pipeline includes automated validation + audit logs + rollback strategy.
•Support model defined (channels, escalation, SLA expectations).
Required Qualifications
•10+ years engineering; 5+ years identity/security architecture.
•Proven experience designing scalable auth systems and APIs; strong NFR discipline.
•Azure security fundamentals (Key Vault, private networking, AKS, observability).
•Strong documentation and governance (ADRs, diagrams, security artefacts).
Preferred Qualifications
•Zanzibar-style AuthZ experience; relationship tuples/graph-based permissions (e.g., Ory Keto).
•Experience building policy-as-code pipelines and continuous regression for permissions.
•Experience applying AI to security workflows in controlled, auditable loops.
Interview Process (indicative)
•Deep-dive on prior authZ model + correctness strategy.
•Practical: design a Zanzibar-style model for a multi-tenant scenario; define tuples + permission language + test strategy + SLOs.
•Security scenario: breaking permission change; rollback and audit evidence.
If interested, please share resume to