CIAM Engineer/Identity Architect

Title: : CIAM Specialist

Location: 7373/7333 Gateway Blvd, Newark, CA 94560 USA

Duration: 05+ Months

Position Summary:

Position Overview

JOB SUMMARY
Compelling Story & Candidate Value Proposition

Unique Selling Points:

Own the Customer Identity architecture for high traffic, customer-facing applications, shaping authentication and user experience at scale.

High-impact role during major company growth, with direct influence on security, conversion, and platform reliability.

Deep technical ownership of Auth0, including Actions, Rules, Hooks, MFA, Adaptive MFA, and custom Universal Login experiences.

Cross-functional visibility across engineering, product, and security teams.

Hybrid work schedule offering both flexibility and collaboration.

Candidate Requirements

Years of Experience Required: 7+ overall years of experience in the field.

Degrees or certifications required:

Bachelor's degree preferred but not a hard requirement.

Auth0 Certification:

Professional or Expert level certification preferred.

Disqualifiers: Candidates DO NOT meet all hard skill requirements.

Best vs. Average: Review preferred skills in the JD.

Performance Indicators: Performance will be assessed based on meeting deadlines and quality of work.

Top 3 Hard Skills Required + Years of Experience

Minimum 7 years experience with Protocols: Deep expertise in OAuth2, OIDC, SAML, and JWT (JSON Web Tokens).

Minimum 7 years experience with Development: Proficiency in JavaScript/Node.js/React (since Auth0 Actions/Rules run on Node) and familiarity with frontend frameworks like React, Angular, or Vue.

Identity Concepts: Understanding of RBAC (Role-Based Access Control), ABAC (Attribute-Based Access Control), and Fine-Grained Authorization (FGA).

Minimum 7 years experience with APIs: Strong experience with RESTful API design and secure system-to-system communication (M2M).

Hard Skills Assessments

Expected Dates that Hard Skills Assessments will be scheduled: ASAP

Hard Skills Assessment Process: The assessment process will include 2 rounds at minimum.

Required Candidate Preparation: N/A

Role Overview

The CIAM Specialist (7+ years of experience) is responsible for designing, implementing, and securing the Customer Identity layer of customer-facing applications. This role focuses on seamless user registration, high-scale authentication, application integration and protecting customer data along with the user experience.

Key Responsibilities

Solution Architecture: Design end-to-end authentication and authorization flows using OAuth 2.0, OpenID Connect (OIDC), and SAML.

Auth0 Implementation: Configure and manage Auth0 Tenants, including custom Actions, Rules, and Hooks to extend platform functionality.

Integration: Embed Auth0 SDKs into various application environments (SPAs, Mobile, and Microservices) and integrate with third-party Identity Providers (IdPs) like Google, Apple, or enterprise SAML providers.

Security & Compliance: Implement Multi-Factor Authentication (MFA), Adaptive MFA, and Bot Detection. Ensure the platform meets regulatory standards like GDPR, CCPA, or HIPAA.

Customization: Develop custom sign-up/login pages (Universal Login) and implement branding that matches the company s digital identity.

Automation (IdC): Manage identity configurations as code using Terraform or the Auth0 Deploy CLI to ensure consistent environments across Dev, Staging, and Production.

User Migration: Designing and executing scripts for "Lazy Migration" or bulk imports of user data from legacy databases into Auth0 without forcing password resets.

Debugging & Observability: Utilizing the Auth0 Dashboard, log streaming (to tools like Splunk or Datadog), and the Management API to troubleshoot failed authentication flows and token issues.

Custom Login Flows: Developing and styling Universal Login pages to provide a consistent brand experience across multiple web and mobile properties.

Required Technical Skills

Protocols: Deep expertise in OAuth2, OIDC, SAML, and JWT (JSON Web Tokens).

Development: Proficiency in JavaScript/Node.js/React (since Auth0 Actions/Rules run on Node) and familiarity with frontend frameworks like React, Angular, or Vue.

APIs: Strong experience with RESTful API design and secure system-to-system communication (M2M).

Identity Concepts: Understanding of RBAC (Role-Based Access Control), ABAC (Attribute-Based Access Control), and Fine-Grained Authorization (FGA).

Preferred Qualifications

Auth0 Certification: Professional or Expert level certification.

Cloud Platforms: Experience with AWS, Azure, or Google Cloud Platform identity services.

Security Tools: Familiarity with SIEM/SOAR integrations (e.g., Splunk, Datadog) for monitoring identity threats.

Directory Services: Experience with LDAP, Active Directory, or other user stores.