← Back to jobs
Affirm
Affirm

Senior CIAM Software Engineer

engineeringfull-timeRemote US
SALARY
Not listed
WORK TYPE
remote
JOB TYPE
full-time
INDUSTRY
fintech
Apply for this position
✦ AutoApply Let us apply to roles like this on your behalf.
Learn more

About the role

What you’ll do

  • Design, build, and operate core CIAM backend services that support customer registration, authentication, authorization, account lifecycle, and profile management for B2C and B2B platforms.
  • Implement and extend identity standards such as OAuth 2.0, OIDC, SAML, and SCIM in code, ensuring correctness, scalability, and clean integration patterns.
  • Develop backend APIs and services in Python and Kotlin that expose identity capabilities to web, mobile, and partner applications.
  • Integrate CIAM platforms with internal systems, including user data stores, messaging, fraud signals, and downstream customer platforms.
  • Own secure authentication and account flows end to end, including MFA, step-up authentication, device binding, consent, and adaptive authentication logic.
  • Automate CIAM infrastructure and deployments using Infrastructure as Code and CI/CD pipelines, treating identity as a core platform service.
  • Monitor, debug, and optimize CIAM services for performance, resilience, and abuse detection in high-scale environments.

What we look for

  • Strong experience designing and implementing CIAM systems, with deep, hands-on knowledge of OAuth 2.0, OIDC, SAML, and SCIM beyond basic configuration.
  • 5+ years of professional backend software engineering experience
  • Strong production experience in Python or a similar backend language
  • Experience designing APIs, automation frameworks, and distributed systems
  • Hands-on experience building and maintaining CI/CD pipelines
  • Experience with GitHub-based development workflows and Buildkite or similar build systems
  • Experience with cloud-native development, preferably AWS
  • Hands-on experience extending and integrating CIAM platforms such as Okta, Auth0, Ping Identity, ForgeRock, or Azure AD B2C using custom code, hooks, and APIs.
  • Solid understanding of backend and distributed systems fundamentals, including API design, data modeling, latency, error handling, and observability.
  • Experience with Infrastructure as Code and automation tools such as Terraform, plus CI/CD pipelines for deploying backend services.
  • Strong security fundamentals applied through engineering, including access control models, token handling, encryption, MFA, and privacy by design.
  • Clear communication skills and the ability to work closely with product, frontend, mobile, and security teams while owning backend identity services.
  • Familiarity with tools such as Cursor and other AI-augmented development environments
✦ Let us apply for you
We find roles like this and apply on your behalf. Cover letter written for each one. Plans from $14.99/mo. Cancel anytime.
Join waitlist
Apply now
Senior CIAM Software Engineer at Affirm — Remote