Sr API & ID (Senior Software Engineer, Identity & APIs)

The Subway HR Team•Shelton, CT

1d•Onsite

About The Position

Subway is on a mission to build a world-class digital platform that serves millions of guests and thousands of franchise locations globally. The Senior Software Engineer, Identity & APIs is a key technical contributor on the team responsible for how guests authenticate and interact with Subway’s digital ecosystem. You’ll own and evolve Subway’s Customer Identity platform — built on AWS Cognito — delivering secure, seamless login experiences including passwordless authentication and social sign-on across Mobile App, Web, and Kiosk. You’ll bring deep expertise in security engineering and data privacy compliance, ensuring Subway’s identity infrastructure meets CCPA, GDPR, and global regulatory standards. AI-assisted development is a core part of how our team works.

Requirements

5 or more years of hands-on production software development experience.
Demonstrated experience designing and operating Customer Identity platforms — AWS Cognito strongly preferred.
Hands-on experience implementing passwordless authentication (magic links, passkeys/WebAuthn, OTP) and social sign-on (OAuth 2.0 / OIDC with Google, Apple).
Deep knowledge of identity and authentication standards: OAuth 2.0, OpenID Connect, SAML, JWT, and session management best practices.
Proven expertise in security engineering: threat modeling, secure SDLC, OWASP Top 10, and identity attack mitigations.
Hands-on experience with data privacy compliance — CCPA and GDPR at minimum.
Strong proficiency in one or more of: JavaScript/TypeScript (Node.js), Java, or C#.
Proficiency with AI-assisted development tools (GitHub Copilot, Claude, or equivalent).
Bachelor’s degree or higher in Computer Science, Software Engineering, or a related field (or equivalent practical experience).

Responsibilities

Own the design, development, and operation of Subway’s Customer Identity platform — built on AWS Cognito — supporting passwordless authentication, social sign-on (Google, Apple), and traditional credential flows across Mobile App, Web, and Kiosk channels.
Enforce security best practices and data privacy compliance (CCPA, GDPR, and evolving global regulations) across all identity and API surfaces. Conduct security design reviews, threat modeling, and privacy-by-design assessments.
Design, develop, and document APIs and middleware integrations that connect identity services with Subway’s front-end applications and back-end systems.
Leverage AI-assisted development tools (GitHub Copilot, Claude, and similar) as a core part of daily engineering work. Champion AI tooling adoption across the team.
Collaborate with product, legal, and security stakeholders to translate regulatory requirements and business needs into scalable, compliant identity architecture.
Conduct code reviews with a security and privacy lens; provide mentorship to peers on identity patterns and secure coding standards.