The main responsibility of the lead / senior software engineer is to design, build and implement scalable solutions to bring TFS platforms to life and ensure they are well managed. The lead / senior software engineer is tasked with working with product owners to understand business requirements, working with architecture to clearly understand architectural direction; work with the platform lead engineer to design innovative solutions and producing comprehensive functional/technical code for platforms and applications. Proficiency in Cloud platform configuration and customization, and Real time streaming platform development is essential. Candidates with a solid background in building reusable frameworks that support platform engineering teams or platform tooling will be highly regarded. • Lead technology projects with support from a team of full stack developers to create solutions for integration platforms that help meet needs for the company • Utilize programming languages like JavaScript, Java, Springboot, TypeScript, RDBMS and NoSQL databases, Container Orchestration services including Docker and Kubernetes, and a variety of AWS tools and services • Build reusable components for authentication and authorization enforcement at service layer. • Implement OAuth 2.0 with OpenID Connect (OIDC) to support web, mobile and service-service use cases. • Develop integration patterns for multiple OAuth2.0 grant types including Authorization Code (with PKCE), Client Credentials (API-API) etc. • Integrate access token validation, scopes and claims-based access controls into reusable framework or gateway components. • Design and implement RBAC/ABAC/Entitlements models within the framework for granular access controls enforcement. • Deliver SDKs, documentation, sample projects and internal training for engineering teams to accelerate adoption Requirements: • Expertise in software engineering with at least some experience in designing and implementing modern 12 factor, cloud native business technology solutions. • Practical knowledge of cloud platforms including leveraging AWS services. • Solid technical foundation with relevant experience in Java, Springboot, NodeJS, Real time streaming architectures, microservices architecture and serverless architecture patterns • Deep understanding of Springboot or NodeJS internals; understanding of dependency management and testing options; clear understanding of distributed tracing standards, resiliency and scalability patterns • OR • Deep understanding and practical experience implementing OpenID Connect (OIDC) and Security Assertion Markup Language (SAML) based Customer Identity solutions. • An in-depth understanding of OAuth authorization grant types and knowledge of utilizing appropriate grant type based on specific integration use case. • Expertise in API Security patterns including gateway-level authentication, token introspection and revocation, mutual TLS • Practical experience with integration with and developing operational tools for OKTA / PING / ForgeRock will be highly regarded • Bachelor's degree in computer science or related field