Lead Full-Stack Engineer - IAM

Education/Experience: Bachelor's in computer engineering (or equivalent); 12+ years in enterprise software; 5+ years leading teams/serving as tech lead. Architecture & Design: Proven ability to design scalable, secure, highly available systems; clear documentation; lead design reviews and decision-making. Engineering Stack: Java/J2EE, Spring (Boot/Core), Spring Security; Angular/TypeScript for front end with migration from legacy JSP to modern Angular; strong REST API design, versioning, testing, and governance; integration with enterprise identity providers. Identity & Access: LDAP, SiteMinder, Active Directory; authentication/authorization models; MFA design and implementation; SSO and federation fundamentals. Security: Web app security, API security, OAuth2/OpenID Connect, token flows, secure session management, threat modeling, and secure coding practices. Data & Persistence: Oracle (or similar DBMS); schema design, SQL optimization, transaction integrity, and performance tuning. DevOps & Delivery: Git-based CI/CD pipelines, automated testing, environment promotion, release readiness, secrets/config management. Reliability & Operations: Troubleshooting, incident/problem management, root-cause analysis; application debugging; performance profiling and optimization; observability (logging, metrics, tracing) and auditability. Leadership & Communication: Hands-on ownership, stakeholder management, clear communication of architecture/trade-offs to senior leadership; ability to mentor and coach engineers; strong interpersonal skills. Experience with enterprise web app security reviews and threat modeling. Familiarity with authorization frameworks (RBAC/ABAC) and policy-as-code. Exposure to SSO, identity federation, and integrating with enterprise IdPs. 50-70% individual contribution (design, coding, reviews); remainder spent on technical leadership and stakeholder alignment. Own critical decisions, operational readiness, and measurable reliability/security outcomes.