Senior Software Engineer

About The Position

Requirements

• 8+ years of software development or production operations experience in a large-scale environment
• Bachelor's Degree or equivalent experience preferred
• Strong programming skills in Golang and Java, ability and willingness to learn Swift, Rust, Python and TypeScript as you will be building client frameworks for customers operating in all of these languages
• Experience building and operating high-performant client SDKs and libraries with features such as caching, online and offline configuration updates, major version releases, breaking changes, feature flagging and similar concepts
• Knowledge of securing APIs, including input validation, mTLS, authentication, and authorization mechanisms for RESTful and gRPC APIs

Nice To Haves

• Experience designing and implementing SDK architecture patterns including dependency injection, plugin systems, retry logic, and error handling strategies
• Deep understanding of Identity and Access Management (IAM) concepts including RBAC, ABAC, OAuth, OpenID Connect, as well as Policy-as-Code systems like Open Policy Agent and Rego
• Knowledge of client-side security best practices including secure credential storage, token refresh patterns, and protection against common attacks (CSRF, XSS, token leakage)
• Experience with cross-platform SDK development and maintaining API consistency across different programming languages and runtime environments
• Understanding of backward compatibility strategies for SDK versioning, deprecation policies, and migration paths for breaking changes
• Experience with monitoring and telemetry in client libraries including error reporting, usage analytics, and performance metrics collection

Responsibilities

• Designing and implementing client libraries and SDKs to bolster our overall security posture throughout the organization.
• Building Security Frameworks in multiple languages (Java, Go, Swift, Rust, TypeScript)
• Working with our partner engineering team to ensure that these frameworks are integrated into our partner team’s services to perform request verification, token issuance and exchange, authentication, authorization, durable decision logging, policy updates and caching.
• Setting high standards and deliver on ASE’s vision for our security protocols, working with engineering teams as they incorporate secure practices and tools into their development processes.