Senior Software Engineer - Permission & Identity

Do you want to help us shape what the future of work will look like and how it will best embrace our life's aspirations? If this sounds like a journey you want to embark on, we may have the right role for you!

PayFit is an intuitive cloud-based payroll and employee management solution designed specifically for SMBs. Since 2015, we have set ourselves a mission to simplify payroll for SMBs and enable employers and employees to grow together. We are a European company operating from 3 main countries (France, Spain, and the UK) where we are supporting over 9500 clients. 

Creating a fulfilling work environment and culture is also a core mission at PayFit, and our day-to-day work philosophy is reflected in our four values:

We genuinely care for others whoever they are, whatever they think

We aim to improve and achieve better results every day

Staying humble and exchanging transparent feedback helps us to grow and improve

We are the architects of PayFit´s success

A key part of our culture, and essential for our success, is also improving the diversity of our teams and building an inclusive culture where you can be yourself at work. 

This is why our recruitment focuses on the skills you demonstrate, and not only on your academic background or previous professional experiences. At PayFit we understand that you can gain applicable skills through a variety of life experiences and we are interested in knowing them, too.

You will play a pivotal role in handling the intricate and critical tasks of authentication, authorization, audit logs, and activity logs. 

- Product Evolution in a Secured and reliable Context: Collaborate closely with our dedicated “great” Product and Design squad members to ensure that as our product evolves its security remains robust. Your insight into the rich concepts of AuthN and AuthZ will play a pivotal role in making this a reality. You will need to lead and facilitate the roadmap definition, and translate the streams into comprehensible and pragmatic tasks.  

- Architectural Mastery in Security: Take charge of conceptualizing, crafting, and evolving PayFit’s authentication and authorization frameworks. Dive deep into OAuth, SAML, JWT, OpenID Connect, and other industry-standard protocols to ensure that our systems are not only compliant but set benchmarks for PayRoll and HRIS businesses.

- Token Lifecycle Management: Map the generation, refresh, and revocation processes for access and refresh tokens, ensuring optimal lifecycles and minimizing potential security risks against our critically sensitive customer data portfolio.

- Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC), Relation-Based Access Control (ReBAC): Help fine-tuning our current permissioning system(s), ensuring that users only access the resources they're entitled to. Your understanding of RBAC, ABAC and ReBAC models will be crucial in designing and maintaining these controls.

- Secure API Endpoints: Work on ensuring our API endpoints are well secured using best practices such as OAuth scopes and API gateways ensuring a secure end-to-end communication within our ecosystem.

- Integration with Identity Providers (IdPs): Whether it's integrating with internal IdPs or external ones like Google and Okta, your experience will ensure a good understanding of seamless and secure integrations and align with future strategy decisions.

- Audit and Logging: Challenge the current implementation and participate in the refinement of detailed audit trails for all authenticated and authorized events, enabling any abnormal behavior detection and investigations. You will also be key in creating a solid bridge with our current Domain and Event community leveraging our current Messaging mechanism’s capabilities. 

- Cross-Functional Collaboration: Collaborate with various teams and tribes, ensuring that all new features and services are developed with security at their core. Your expertise will be crucial in guiding our communication and customer satisfaction colleagues.

- Education and Advocacy: Serve as the go-to expert for all things related to authentication and authorization, mentoring teams, leading workshops, and, with the help of our security colleagues, ensure a good security awareness within PayFit.

We will be impressed if you show these qualities:

- Protocol Proficiency: Hands-on expertise with a wide array of AuthN and AuthZ protocols, showcasing the ability to challenge the existing and select the right tool for the job and implement it flawlessly.

- Adaptive Threat Modeling: A keen ability to anticipate and model potential security threats, especially in the realm of identity and access, and design systems and subsystems that preemptively address these threats.

- Systems Integration: Experience in seamlessly integrating various systems using secure end-to-end authentication and authorization mechanisms, be it integrating with a third-party mechanism solution or an internal solution.

This role is for you if :

- You have a solid understanding of software fundamentals (Data Structures, Software Architecture, Design Patterns)

- You demonstrated expertise in conceptualizing, architecting, and overseeing the implementation of cloud solutions, intricate systems design, and vast distributed systems.

- You are experienced in software development, specifically in cloud architectures, systems design and distributed systems

- You strive to understand, synthesize, and communicate complex technical concepts and business problems

- You are a doer with a creative force and a high attention to detail: strive for the highest quality with an iterative approach mindset

- You are a real team player who wants to build a big success story with us

- You are receptive to feedback, to be mentored and to mentor others. We're caring and make sure everyone can grow. You will be empowered. You will empower others.

- You speak English fluently and you want to work in an international and dynamic environment

If you think you would be a good fit even if you don't meet 100% of the requirements, we would love to hear from you!

We stand at the forefront of our security and user experience initiatives, ensuring that our clients have a seamless and secure journey when authenticating and interacting with the multiple components of our platform.

Recently, the team successfully transitioned our authentication system to Auth0, a sophisticated identity platform that ensures robust security and reliability for our 300,000 monthly active users.

This migration was not just a technical challenge, but also a proof of our commitment to providing cutting edge security and end-user experience. This transition involved extensive collaboration with other teams and tribes, in-depth technical architectural changes, and rigorous testing phases to guarantee a seamless user experience.

1. First you will meet a Talent Acquisition Specialist for a discovery call (45 min)

2. Next step will be a meeting with Louis, Engineering Manager (45 min)

3. You will go through a live technical code exercise with Kilian & Clément (60 min)

4. Then you will have a System Design live discussion with Stephen (45 min)

5. Next step would be having a discussion Damian, Engineering Director (30 min)

6. Then, you will meet "Permission & Identity" squad through a coffee (30min)

Flexibility: We believe that to produce your best work and to be fulfilled, you should be free to choose what working arrangements suit you best. You can work from any place within Spain with the possibility to work abroad for some period of time.

Learning & Development: At PayFit we have a great learning platform where you can learn new skills every day with the support of our company. We also have English language courses to improve your business communication vocabulary and get to the next level.

Career Development: We want you to progress and be free to choose which direction you want to grow. There are also opportunities for internal moves.

Health promotion: Gym subscription (AndJoy) with a preferential rate.

Meals: 6 EUR lunch voucher per workday with our partner Edenred.

Transportation: 50 % of public transport card covered by PayFit .

Health Insurance: Full coverage on private insurance with Sanitas.

Parental support program: Support with a nursery for your child.

Home office budget to help you get set up in the best conditions. A MacBook as our standard working tool.

Time off: 25 days of holidays per year.