Full-Stack Software Engineer

Manulife•Boston, MA

11d•$90,160 - $167,440•Hybrid

About The Position

Join our Customer Identity & Access Management (CIAM) engineering team as a full-stack engineer focused on CIAM using IBM Security Verify. You will help build secure, customer-friendly authentication and authorization experiences across our digital channels, working with Node.js and React under guidance from senior engineers. This role involves implementing and maintaining CIAM features such as registration, login, Multi-Factor Authentication (MFA), account recovery, consent, and profile management. You will also build and update Node.js/TypeScript APIs and microservices, develop React components for authentication user experience, and integrate with IBM Security Verify. A key aspect of this role is applying standards and best practices for OAuth 2.0, OpenID Connect (OIDC), and JSON Web Tokens (JWT), including Proof Key for Code Exchange (PKCE), across web and mobile flows. You will also implement secure session and token handling, contribute to security mitigations (CSRF/XSS/CORS), and manage secure cookie practices. The position requires writing tests, participating in code reviews, documenting features, and supporting CI/CD pipelines, environment configuration, and monitoring for identity services. You will also troubleshoot issues, triage bugs, and assist in root-cause analysis with senior guidance.

Requirements

1–2 years of software development experience (internships/co-ops included) or strong project-based portfolio.
Proficiency in JavaScript/TypeScript, Node.js (Express/NestJS), and React (Hooks, Context; basic state management).
Basic understanding of OAuth 2.0, OIDC, JWT, and web auth flows (authorization code + PKCE).
Familiarity with REST APIs, JSON, and front-end routing (React Router or Next.js).
Knowledge of core web security concepts: XSS, CSRF, CORS, secure cookies.
Experience with Git and CI/CD basics (GitHub Actions, GitLab CI, or Azure DevOps).
Strong problem-solving, willingness to learn, and attention to detail.

Nice To Haves

Exposure to IBM Security Verify (CIAM) configuration: apps, policies, MFA, branding, and user management.
Experience with MFA methods (TOTP, push, SMS/email) and WebAuthn/passkeys.
Understanding of accessibility (WCAG) and performance tooling (Lighthouse).
Familiarity with cloud platforms (AWS/Azure/GCP), Docker, and Terraform basics.
Experience with testing tools: Jest, React Testing Library, Cypress, Postman.

Responsibilities

Implement and maintain CIAM features: registration, login, MFA, account recovery, consent, and profile management using IBM Security Verify.
Build and update Node.js/TypeScript APIs and microservices (Express or NestJS) for auth and user profile flows.
Develop React components/pages for authentication UX (hosted pages and embedded widgets) with accessibility and performance in mind.
Integrate with IBM Security Verify: configure applications, policies, user directories, branding, and hooks; assist with SSO and social login setups.
Apply standards and best practices for OAuth 2.0, OIDC, and JWT (including PKCE) across web and mobile flows.
Implement secure session and token handling; contribute to CSRF/XSS/CORS mitigations and secure cookie management.
Write tests (unit/integration/e2e) and participate in code reviews; document features and runbooks.
Support CI/CD pipelines, environment configuration, and monitoring for identity services.
Troubleshoot issues, triage bugs, and assist in root-cause analysis with senior guidance.

Benefits

health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage
adoption/surrogacy and wellness benefits
employee/family assistance plans
various retirement savings plans (including pension/401(k) savings plans and a global share ownership plan with employer matching contributions)
financial education and counseling resources
up to 11 paid holidays
3 personal days
150 hours of vacation
40 hours of sick time (or more where required by law) each year
full range of statutory leaves of absence