We are looking for a Principal Security Software Engineer to join the Customer Auth (CAUTH) team that handles authentication/authorization for E*TRADE customers. We are on an exciting journey – modernizing the authentication factors and infrastructure for all of E*TRADE’s customers. This includes deploying systems that support modern factors like TOTP, Mobile Push, and YubiKeys – with the goal of increasing customer security and decreasing friction during the login process. Additionally, the team is focused on the developer experience at E*TRADE. By focusing on the use of standards-based services, we will provide a set of APIs designed to ensure development teams can easily create customer interactions that are secure, dynamic, and seamless.
- Implementing various authentication factors, such as TOTP, Mobile Push, and YubiKeys, using nodes/modules provided in ForgeRock (customized as necessary)
- Developing, unit testing, and supporting code through various stages of the SDLC
- Building appropriate and required tools for monitoring and troubleshooting Identity and SSO use cases
- Incorporating ForgeRock related products and any customizations into the CI/CD pipelines used at E*TRADE
- Driving deliverables by coordinating with different groups and taking ownership
- Troubleshooting issues in any of the environments
- Assisting with developing tactical strategies, processes and procedures related to systems/application administration
- Assisting in crafting appropriate identity and access management architectures
- Assisting in analyzing and sizing requirements
- Mentoring and supporting junior members
This role is very hands-on and requires at least seven years of experience developing, implementing, and supporting the following technologies:
- SSO technologies like SAML, OAuth 2, OpenID Connect
- ForgeRock platform – Access Manager, Directory Server, and Identity Gateway
- Custom ForgeRock code
- Amster to configure ForgeRock components through scripts and configuration files
- Security components like digital encryption, signatures, hashing, TLS, certificates, and private keys
- Applications/libraries using Java
- Tools to support production, monitoring, troubleshooting/debugging
- Linux including experience writing shell scripts
- Knowledge of FIDO and WebAuthn protocols
- Well-versed in source control (like Git)
- Good communication skills