Senior Lead Developer- SSO/Security (IDAM)
Why is our “IAM SSO Lead Developer” the next step for you?
Worldpay are building a centralized Identity and Access management service across the digital services offered to our customers. The team provide Single sign-on across the digital estate and through a wide variety of channels – Web apps, mobile and tablet apps and APIs. We use multitude of standards – SAML, JWT, OPIDC and OAuth among others. The team works in tandem with our Product colleagues, and we run a mix of Scrum, Kanban and lean methods across the Infrastructure and Software engineering teams.
How will you add value on a day-to-day basis?
Lead Developer will be a part of Software engineering delivery of a 247 service with 5 9’s uptime, where reputation management & security are critical to the business’ ongoing success. Building software that adheres to agreed KPIs and NFRs in Production; designs and engineers shippable code with stability, scalability and security in mind. Contributes to a high quality engineering pipeline, utilizing methodologies that ensure well tested, in service releases; ships software with a mindset of self ownership. Works with Product to define approaches to feature delivery; is able to break down stories and allocate technical tasks, ensuring atomic acceptance criteria and testable units of code. Believes in Continuous Delivery of shippable software; approaches development using TDD, BDD, & CI, and is committed to continuous delivery using in an Agile Scrum environment.
What will make you the ideal candidate?
10+ years of experience in integrating identity management and access management into applications
- SME in Identity management and a go to person
- Ability to differentiate between identity and credentials
- Strong understanding of RBAC; ABAC and experience in designing Joiners, Movers Leavers (JML) process.
- Strong experience in designing and developing REST web services
- Ability to use OIM or other Identity tool set to implement Identity/ account/entitlement/credentials
- Work experience with identity management related protocols such as OAuth, SAML (at least one of this)
- Strong knowledge of SSO solutions (on-domain, federated & delegated)
- Some experience of using SSL, certificates and PKI
- Good knowledge of Java security – especially JAAS (and it’s use)
- Experience implementing authorization and security in Spring security or other JAAS/security frameworks.
- Understanding of REST and different API standards and security
- Knowledge of fine grained authorization patterns and technologies
- Experience of cryptography & its application in secure inter-application communications and messaging.
- Know when to exhaust configuration options before customization
- Have proven experience for “creative configuration” to solve un-usual problems – imaginative out of the box solutions
- Experience in formulating and implementing password polices
- Previous experience on a project that involved integrating an Identity Management system with custom in-house applications
- Excellent grasp of Identity and it’s lifecycle
- Have designed POCs to inform design and be hands on when needed.
- SCIM – Some knowledge
- Web Application servers (e.g. WebLogic, Spring boot, Tomcat)
- Awareness of OWASP
- Strong experience in working in both Agile and DevOps environments; is familiar with planning sessions, estimation and ensures that all engineering tasks are recorded in the ticketing systems and story walls
- Is able to interpret engineering requirements using a variety of artifacts, including stories, wireframes and physical, logical, sequence & ERD diagrams where necessary.
- Specific strong Java experience in Spring Framework, Hibernate, RESTful services
- Absolutely must understand & develop in a Test Driven way from Component to Unit of Work
- Strong performance testing exposure
- Strong experience in working in both Agile DevOps environments; is familiar with planning sessions, estimation and ensures that all engineering tasks are recorded in the ticketing systems and story walls (Altassian)
- Strong experience in designing and documenting software platforms including physical, logical, sequence & ERD diagrams where necessary.
- Experience in the stability requirements of a global business; is able to design and implement responsive, self-healing resilient platforms; experience of fault-tolerant online businesses is a necessity
- Knowledge of web application security- DDOS prevention, is astutely aware of XSS vulnerabilities and untrusted content
How is Worldpay changing the world?
We are leaders in modern money. Each and every time you use your debit card or credit card to pay for something, whether online or face-to-face, there’s a good chance it happened because of us. On an annual basis our innovations, systems and technology enable billions of money transactions globally. Working with customers large and small, we help them to take your payments quickly, safely and reliably, allowing them to grow their businesses and making your life more convenient in the process. As a leader in global Fin-Tech and the largest London IPO since 2011, this is a great time to join us in building for the next phase of the Worldpay journey
Indore / India
Tech and Engineering
November 17, 2017