Principal-level Engineer (ACL & Authorization Systems)

We’re Devopsbay - MLOPS, DevOps and AI Specialists. We know how nodes works, how to make the cloud cheaper or adapt AI to boost any area that companies need (any many more). We support our clients with strong engineers on a project basis and are always on the lookout for stellar performers. Our clients are at the cutting edge of modern solutions. We also develop our inhouse products: https://descrb.com/ & https://defencebay.com/ 

Currently, we’re working with a client specialising in AI solutions at scale. The platform helps automate and scale ML processes, allowing access regardless of technical prowess. 

Scope of Work:Design and deliver a complete ACL hydration and enforcement service that normalizes permissions from external systems (e.g., Google Drive, SharePoint) into a canonical ACL model.

Responsibilities include:

• Building reliable full and incremental ingestion pipelines for document- and folder-level ACLs,

• Resolving principals and nested groups, and persisting versioned, queryable authorization data,

• Implementing real-time authorization checks (authz) with p95 latency within milliseconds,

• Integrating with a policy engine supporting group expansion and external group mappings (Google Groups, LDAP/SAML),

• Ensuring production-grade observability, backfill/reconciliation jobs, and failure recovery mechanisms,

• Collaborating with Security, IT, and Data teams to drive MVP, staging rollout, and production deployment.

Required Skills and Competencies:

• 10–15+ years of experience in authorization systems, identity federation, and group membership resolution at scale,

• Expertise in:

  • SAML 2.0

  • LDAP

  • SCIM/Directory APIs (Google Workspace Admin SDK)

  • Microsoft Graph / SharePoint

• Strong backend and distributed systems knowledge (e.g., Python),

• Experience with graph modeling of ACLs and Redis-based low-latency policy evaluation,

• Proven delivery on cloud-native platforms (Kubernetes, Terraform, AWS/GCP/Azure),

• Competencies include systems thinking, property-based testing, chaos engineering, replay testing, cross-functional leadership, and the ability to handle complex, high-impact platform work

Benefits:

• B2B contract

• International projects, often at the cutting edge of technology

• Experienced team - exchange your expertise with other passionate engineers

• A challenging yet thriving work environment - we push ourselves to be better everyday

• Modern tech stacks

• Remote working possibilities

• Flexible hours

• Learning budget

• Integration meetings

• Medical package & Multisport