Apply on Employer Site

Bestow · 6 hours ago

Engineering Manager - Identity and Access Management Platform

United States

Full-time

Remote

Senior Level, Lead/Staff

8+ years exp

Bestow is a leading vertical technology platform serving the life insurance industry. As an Engineering Manager for the IAM Team, you will lead a team of Backend Software Engineers, focusing on developing scalable identity and access management solutions while collaborating with various teams across the company.

Developer APIsFinTechInsuranceInsurTechLife Insurance

Comp. & Benefits

Responsibilities

Remain hands-on in the code and actively participate in system design and architecture decisions

Regularly review pull requests, providing thoughtful feedback that elevates code quality

Partner with engineers on complex technical challenges, offering guidance without micromanaging

Drive large initiatives from conception through delivery

Lead Auth0 optimization efforts including migration from Authorization Extension to Authorization Core, implementing proper Organizations structure for multi-tenancy, and establishing connection pooling strategies

Architect authentication/authorization separation to enable independent scaling, caching, and policy management across enterprise partnerships

Design token management strategies including hierarchical token structures, configurable token policies, and intelligent refresh patterns to optimize Auth0 costs

Implement SCIM integration for automated user provisioning without manual intervention

Support partner-specific requirements including biometric re-authentication, extended refresh tokens, multi-policy token inheritance, and regulatory-driven audit requirements

Orchestrate effective engineering ceremonies that promote collaboration and continuous improvement

Create personalized growth plans for each team member, identifying strengths and development areas

Provide regular, constructive feedback and create opportunities for engineers to expand their skills

Balance technical excellence with business objectives

Demonstrate sound judgment when making technical trade-offs

Communicate complex technical concepts clearly to both technical and non-technical stakeholders

Qualification

GoKubernetesAuth0OAuth 2.0 / OIDCPostgreSQLDockerAPI designMulti-Tenant ArchitectureToken ManagementLeadershipCommunicationProblem-solvingOrganizational skills

Required

Bachelor's Degree or equivalent experience required

8+ years professional experience in the software industry, with at least 1 year of management experience while keeping your coding skills strong

Professional experience with Go preferred

Comfortable using Docker for local software development

Familiar with modern, scalable system architectures (load balancing, horizontal scaling, etc.)

Experience with PostgreSQL or other relational databases (comfortable writing ANSI SQL)

Familiar with API design tools/languages (Protocol Buffers, Swagger, OpenAPI, etc.)

Cloud computing & Kubernetes (or similar container orchestration) preferred

Identity Provider Expertise: Hands-on experience with Auth0, Okta, or similar identity platforms including tenant/organization configuration, connection management, and Rules/Actions

OAuth 2.0 / OIDC: Deep understanding of OAuth 2.0 flows, OpenID Connect, token types (access, refresh, ID tokens), and JWT structure/validation

Multi-Tenant Architecture: Experience designing authentication systems that support multiple organizations with tenant isolation, partner-specific branding, and SSO configurations

Authorization Patterns: Familiarity with RBAC, ABAC, and policy-based access control; experience separating authentication from authorization concerns

Token Management: Understanding of token lifecycle management including caching strategies, rotation policies, revocation mechanisms, and optimization for scale

SCIM/Provisioning: Experience with SCIM protocol for automated user provisioning and de-provisioning workflows

Enterprise SSO: Experience integrating SAML 2.0 and OIDC-based SSO connections for B2B partnerships

Security & Compliance: Understanding of authentication security best practices, audit logging requirements, and regulatory compliance (HIPAA, state insurance regulations)

Deep understanding of the entire software development lifecycle, including feature inception, system maintenance, continuous integration and release strategies, and GenAI developer tooling

Ability to track key metrics and consistently meet established Service Level Agreements (SLAs)

Ability to understand complex technical problems and identify areas of risk

Ability to go deep technically when necessary—you should be able to contribute changes to the team's codebases at any time

Highly organized and detail-oriented

Proven track record of building and retaining high-performing teams

Strong problem-solving abilities

Excellent communication and collaborative attitude

End-to-end ownership mentality