Senior Java oAuth Developer

About Crealogix

We are a well-established global leader in digital banking technology located in Central Europe. We are operating in a market of continuous growth and invest in the most advanced technologies. Dynamic project management, agile software development, and international teams are our key success factors.

For our Client – a multinational professional services company, we are looking for a highly skilled and experienced Senior Java oAuth Developer to join our team. The ideal candidate will have a strong background in designing, implementing, and securing authentication and authorization systems, with hands-on experience in OAuth, Keycloak, JWT tokens, and modern security protocols. You will play a key role in building secure, scalable, and user-friendly authentication solutions for our applications.

Responsibilities:

Design and Implement Authentication Systems:

• Design, develop, and maintain secure authentication and authorization systems.
• Implement OAuth 2.0 and OpenID Connect (OIDC) protocols for secure user authentication and authorization.
• Configure and manage Keycloak or similar identity and access management (IAM) solutions.

JWT Token Management:

• Implement and manage JSON Web Tokens (JWT) for secure token-based authentication.
• Handle token generation, validation, and expiration policies.
• Ensure secure storage and transmission of tokens.

Second-Factor Authentication (2FA):

• Implement second-factor authentication (2FA) mechanisms, such as TOTP (Time-Based One-Time Password), SMS-based OTP, or hardware tokens.
• Integrate 2FA into existing authentication flows.

Challenge-Response Mechanisms:

• Design and implement challenge-response authentication mechanisms for enhanced security.
• Ensure secure handling of client secrets, API keys, and other sensitive credentials.

Spring Boot and REST API Development:

• Develop and maintain RESTful APIs using Spring Boot.
• Implement secure and scalable backend services for authentication and authorization.
• Ensure APIs adhere to best practices for performance, security, and maintainability.

Reactive Development:

• Build reactive and non-blocking systems using Spring WebFlux or other reactive frameworks.
• Optimize applications for high concurrency and low latency.

Security Best Practices:

• Enforce security best practices for authentication and authorization, including secure password policies, encryption, and secure session management.
• Conduct security audits and vulnerability assessments for authentication systems.

Collaboration and Leadership:

• Collaborate with cross-functional teams, including product managers, security teams, and DevOps, to deliver secure and scalable solutions.
• Mentor junior developers and provide technical leadership in authentication and authorization.

Documentation and Compliance:

• Document authentication and authorization workflows, policies, and procedures.
• Ensure compliance with industry standards and regulations, such as GDPR, HIPAA, or PCI-DSS

What you need:

• Proven experience in backend development with a strong focus on authentication and authorization systems.
• Expertise in OAuth 2.0, OpenID Connect (OIDC), JWT, and identity management solutions such as Keycloak.
• In-depth knowledge of security principles and best practices for authentication systems, including 2FA and challenge-response mechanisms.
• Expertise in Spring Boot and REST API development.
• Strong knowledge of reactive programming with Spring WebFlux.
• Familiarity with industry standards and regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS).
• Excellent problem-solving, communication, and collaboration skills.
• Nice to have: Experience in leading/ mentoring teams

What you can expect from us:

• Working with latest technologies 
• Lots of career development potentials (career-planning) 
• Challenging projects (mostly product/feature development) 
• International software development teams with distributed delivery groups 
• Private healthcare and Multisport card at employment of contract or reimbursement for it at B2B contract
• Training & education 
• Attractive remuneration 
• Language classes (usually business English; but not limited to) 
• Modern computer equipment
• Employee referral programme 
• Integrational meetings & events 

If you are interested, please send your CV in English.

#itjobs #springboot #java #oauth