{"id":5616,"date":"2026-02-06T16:35:26","date_gmt":"2026-02-06T16:35:26","guid":{"rendered":"https:\/\/cephasconsult.biz\/?post_type=job_listing&#038;p=5616"},"modified":"2026-03-09T00:16:59","modified_gmt":"2026-03-09T00:16:59","slug":"lead-i-software-engineering-node-js-developer-with-okta-oauth-13492","status":"expired","type":"job_listing","link":"https:\/\/cephasconsult.biz\/?post_type=job_listing&p=5616","title":{"rendered":"Lead I &#8211; Software Engineering (Node.JS Developer with Okta\/Oauth) 13492"},"content":{"rendered":"<p><span class=\"flex-shrink-0\">Positions:<span class=\"font-semibold\">3 <\/span><\/span><span class=\"flex-shrink-0 font-semibold\">Full Time<\/span><\/p>\n<div class=\"font-inter-regular-paragraph2 text-cbrex-light-neutral-800 capitalize grid grid-cols-3 gap-x-1\">\n<div class=\"col-span-1\">Experience<\/div>\n<div class=\"font-inter-semibold-paragraph2  text-cbrex-light-surface-pb col-span-2\">5 &#8211; 10 Years<\/div>\n<\/div>\n<div><\/div>\n<div>\n<div class=\"transform scale-100 opacity-100\">\n<div id=\"headlessui-disclosure-panel-:ro7:\">\n<div class=\"relative flex flex-col gap-y-2 border-b bg-cbrex-light-neutral-50 py-3 px-4 text-sm text-cbrex-light-neutral-700\">\n<div id=\"jobDescriptionViewer\" data-cy=\"jobDescriptionViewerCbrexEditorViewer\">\n<div class=\"toastui-editor-contents\">\n<div data-nodeid=\"704\">\n<p><span data-raw-html=\"span\">We\u2019re looking for a backend engineer with strong <\/span><strong><span data-raw-html=\"span\">Node.js<\/span><\/strong><span data-raw-html=\"span\"> expertise to build secure, scalable APIs and platform integrations. 
You\u2019ll lead authentication\/authorization implementations (Okta, OAuth\/OIDC\/SAML), modernize legacy access policies, and deliver resilient services on <\/span><strong><span data-raw-html=\"span\">Azure\/Kubernetes<\/span><\/strong><span data-raw-html=\"span\"> with production-grade observability.<\/span><\/p>\n<p><strong><span data-raw-html=\"span\">Key Responsibilities<\/span><\/strong><\/p>\n<ul>\n<li><span data-raw-html=\"span\">Design, build, and maintain <\/span><strong><span data-raw-html=\"span\">Node.js<\/span><\/strong><span data-raw-html=\"span\"> backend services and <\/span><strong><span data-raw-html=\"span\">REST APIs<\/span><\/strong><span data-raw-html=\"span\"> with robust reliability, performance, and security.<\/span><\/li>\n<li><span data-raw-html=\"span\">Implement <\/span><strong><span data-raw-html=\"span\">authentication &amp; authorization<\/span><\/strong><span data-raw-html=\"span\"> using <\/span><strong><span data-raw-html=\"span\">Okta APIs<\/span><\/strong><span data-raw-html=\"span\">; handle <\/span><strong><span data-raw-html=\"span\">token\/session<\/span><\/strong><span data-raw-html=\"span\"> lifecycle and hardening.<\/span><\/li>\n<li><strong><span data-raw-html=\"span\">Migrate SiteMinder policies<\/span><\/strong><span data-raw-html=\"span\"> to modern identity\/access patterns (OIDC\/SAML\/OAuth 2.0).<\/span><\/li>\n<li><span data-raw-html=\"span\">Integrate securely with internal and external <\/span><strong><span data-raw-html=\"span\">platform services<\/span><\/strong><span data-raw-html=\"span\"> and data sources.<\/span><\/li>\n<li><span data-raw-html=\"span\">Own <\/span><strong><span data-raw-html=\"span\">API design<\/span><\/strong><span data-raw-html=\"span\"> (standards, versioning, documentation), error handling, idempotency, and rate limiting.<\/span><\/li>\n<li><span data-raw-html=\"span\">Ensure comprehensive <\/span><strong><span data-raw-html=\"span\">automated testing<\/span><\/strong><span 
data-raw-html=\"span\"> (unit, integration, system, regression) and CI\/CD health.<\/span><\/li>\n<li><span data-raw-html=\"span\">Operate services on <\/span><strong><span data-raw-html=\"span\">Azure<\/span><\/strong><span data-raw-html=\"span\"> with <\/span><strong><span data-raw-html=\"span\">Kubernetes<\/span><\/strong><span data-raw-html=\"span\"> (containerization, helm\/manifests, secrets, config, scaling).<\/span><\/li>\n<li><span data-raw-html=\"span\">Implement <\/span><strong><span data-raw-html=\"span\">observability<\/span><\/strong><span data-raw-html=\"span\"> with <\/span><strong><span data-raw-html=\"span\">Splunk<\/span><\/strong><span data-raw-html=\"span\"> and <\/span><strong><span data-raw-html=\"span\">Datadog<\/span><\/strong><span data-raw-html=\"span\"> (dashboards, s, SLOs).<\/span><\/li>\n<li><span data-raw-html=\"span\">Collaborate with Security\/Architecture on <\/span><strong><span data-raw-html=\"span\">threat modeling<\/span><\/strong><span data-raw-html=\"span\">, secrets management, and compliance.<\/span><\/li>\n<li><span data-raw-html=\"span\">Continuously improve code quality, reliability, and developer experience.<\/span><\/li>\n<\/ul>\n<p><strong><span data-raw-html=\"span\">Required Qualifications<\/span><\/strong><\/p>\n<ul>\n<li><strong><span data-raw-html=\"span\">5+ years<\/span><\/strong><span data-raw-html=\"span\"> of backend development with a strong focus on <\/span><strong><span data-raw-html=\"span\">Node.js<\/span><\/strong><span data-raw-html=\"span\"> (TypeScript preferred) and API engineering.<\/span><\/li>\n<li><span data-raw-html=\"span\">Proven experience implementing <\/span><strong><span data-raw-html=\"span\">Okta-based<\/span><\/strong><span data-raw-html=\"span\"> auth flows; deep familiarity with <\/span><strong><span data-raw-html=\"span\">OAuth 2.0, OIDC, SAML<\/span><\/strong><span data-raw-html=\"span\">.<\/span><\/li>\n<li><span data-raw-html=\"span\">Solid knowledge of <\/span><strong><span 
data-raw-html=\"span\">token\/session management<\/span><\/strong><span data-raw-html=\"span\"> (PKCE, refresh tokens, rotation, revocation, scopes).<\/span><\/li>\n<li><span data-raw-html=\"span\">Hands-on experience building <\/span><strong><span data-raw-html=\"span\">RESTful<\/span><\/strong><span data-raw-html=\"span\"> services and integrating with third-party\/internal platforms.<\/span><\/li>\n<li><span data-raw-html=\"span\">Proficiency with <\/span><strong><span data-raw-html=\"span\">datastores<\/span><\/strong><span data-raw-html=\"span\">: <\/span><strong><span data-raw-html=\"span\">RDBMS<\/span><\/strong><span data-raw-html=\"span\"> (e.g., PostgreSQL\/SQL Server) and <\/span><strong><span data-raw-html=\"span\">MongoDB<\/span><\/strong><span data-raw-html=\"span\"> (schema design, indexing, performance).<\/span><\/li>\n<li><span data-raw-html=\"span\">Experience deploying to <\/span><strong><span data-raw-html=\"span\">Azure<\/span><\/strong><span data-raw-html=\"span\"> and orchestrating workloads on <\/span><strong><span data-raw-html=\"span\">Kubernetes<\/span><\/strong><span data-raw-html=\"span\"> (containers, networking, ingress, resilience).<\/span><\/li>\n<li><span data-raw-html=\"span\">Practical use of <\/span><strong><span data-raw-html=\"span\">Splunk<\/span><\/strong><span data-raw-html=\"span\"> and <\/span><strong><span data-raw-html=\"span\">Datadog<\/span><\/strong><span data-raw-html=\"span\"> for logs\/metrics\/traces; creating actionable dashboards\/s.<\/span><\/li>\n<li><span data-raw-html=\"span\">Strong testing discipline: <\/span><strong><span data-raw-html=\"span\">unit, integration, system, regression<\/span><\/strong><span data-raw-html=\"span\"> and contract testing.<\/span><\/li>\n<li><span data-raw-html=\"span\">Comfortable with modern <\/span><strong><span data-raw-html=\"span\">SDLC tooling<\/span><\/strong><span data-raw-html=\"span\">: <\/span><strong><span data-raw-html=\"span\">Jira, Confluence, Git, 
Jenkins<\/span><\/strong><span data-raw-html=\"span\"> (SVN experience a plus).<\/span><\/li>\n<li><span data-raw-html=\"span\">Bachelor\u2019s degree (BE, MCA, or equivalent) in <\/span><strong><span data-raw-html=\"span\">Computer Science<\/span><\/strong><span data-raw-html=\"span\">, Engineering, or related field.<\/span><\/li>\n<\/ul>\n<p><strong><span data-raw-html=\"span\">Core IAM Concepts<\/span><\/strong><\/p>\n<ul>\n<li><strong><span data-raw-html=\"span\">Authentication &amp; Authorization protocols:<\/span><\/strong><\/li>\n<\/ul>\n<ul>\n<li><strong><span data-raw-html=\"span\">OIDC\u00a0(OpenID Connect)<\/span><\/strong><span data-raw-html=\"span\">\u00a0\u2013 flows, ID token handling<\/span><\/li>\n<li><strong><span data-raw-html=\"span\">OAuth 2.0<\/span><\/strong><span data-raw-html=\"span\">\u00a0\u2013 grant types, scopes, refresh tokens<\/span><\/li>\n<li><strong><span data-raw-html=\"span\">PKCE (Proof Key for Code Exchange)<\/span><\/strong><span data-raw-html=\"span\">\u00a0\u2013 why and how it\u2019s used<\/span><\/li>\n<\/ul>\n<ul>\n<li><strong><span data-raw-html=\"span\">Session Management:<\/span><\/strong><\/li>\n<\/ul>\n<ul>\n<li><span data-raw-html=\"span\">Session creation, renewal, and termination<\/span><\/li>\n<li><span data-raw-html=\"span\">Handling session timeouts and re-authentication<\/span><\/li>\n<\/ul>\n<ul>\n<li><strong><span data-raw-html=\"span\">Token Handling:<\/span><\/strong><\/li>\n<\/ul>\n<ul>\n<li><span data-raw-html=\"span\">Access token vs ID token vs refresh token<\/span><\/li>\n<li><span data-raw-html=\"span\">Token validation and expiration strategies<\/span><\/li>\n<\/ul>\n<ul>\n<li><strong><span data-raw-html=\"span\">Login\/Logout Flows:<\/span><\/strong><\/li>\n<\/ul>\n<ul>\n<li><span data-raw-html=\"span\">Standard login\/logout<\/span><\/li>\n<li><strong><span data-raw-html=\"span\">Universal Logout<\/span><\/strong><span data-raw-html=\"span\">\u00a0(single sign-out across 
apps)<\/span><\/li>\n<\/ul>\n<ul>\n<li><strong><span data-raw-html=\"span\">Single Sign-On (SSO):<\/span><\/strong><\/li>\n<\/ul>\n<ul>\n<li><strong><span data-raw-html=\"span\">Inbound SSO<\/span><\/strong><span data-raw-html=\"span\">\u00a0\u2013 integrating external identity providers (e.g., Okta as IdP)<\/span><\/li>\n<li><strong><span data-raw-html=\"span\">Outbound SSO<\/span><\/strong><span data-raw-html=\"span\">\u00a0\u2013 enabling apps to act as IdP for other services<\/span><\/li>\n<li><span data-raw-html=\"span\">Federation concepts (SAML, OIDC)<\/span><\/li>\n<\/ul>\n<ul>\n<li><strong><span data-raw-html=\"span\">Security Best Practices:<\/span><\/strong><\/li>\n<\/ul>\n<ul>\n<li><span data-raw-html=\"span\">CSRF, XSS prevention in login flows<\/span><\/li>\n<li><span data-raw-html=\"span\">Secure storage of tokens (browser vs server)<\/span><\/li>\n<\/ul>\n<p><span data-raw-html=\"span\">\u00a0<\/span><\/p>\n<p><strong><span data-raw-html=\"span\">Additional comments<\/span><\/strong><\/p>\n<ul>\n<li><span data-raw-html=\"span\">Implementing\u00a0<\/span><strong><span data-raw-html=\"span\">secure login\/logout flows<\/span><\/strong><span data-raw-html=\"span\">\u00a0in SPAs or web apps<\/span><\/li>\n<li><span data-raw-html=\"span\">Handling\u00a0<\/span><strong><span data-raw-html=\"span\">redirects<\/span><\/strong><span data-raw-html=\"span\">\u00a0for OIDC\/OAuth flows<\/span><\/li>\n<li><span data-raw-html=\"span\">Integration with\u00a0<\/span><strong><span data-raw-html=\"span\">Okta Sign-In Widget<\/span><\/strong><span data-raw-html=\"span\">\u00a0or custom login pages<\/span><\/li>\n<li><span data-raw-html=\"span\">Handling\u00a0<\/span><strong><span data-raw-html=\"span\">SSO flows<\/span><\/strong><span data-raw-html=\"span\">\u00a0(inbound and outbound) in UI<\/span><\/li>\n<li><span data-raw-html=\"span\">Error handling for authentication failures<\/span><\/li>\n<\/ul>\n<p><strong><span data-raw-html=\"span\">Preferred (Not 
Mandatory)<\/span><\/strong><\/p>\n<ul>\n<li><span data-raw-html=\"span\">Familiarity with\u00a0<\/span><strong><span data-raw-html=\"span\">Okta platform<\/span><\/strong><span data-raw-html=\"span\">\u00a0(Sign-In Widget, SDKs, API)<\/span><\/li>\n<li><span data-raw-html=\"span\">Experience in\u00a0<\/span><strong><span data-raw-html=\"span\">migration projects<\/span><\/strong><span data-raw-html=\"span\">\u00a0from legacy IAM systems (e.g., SiteMinder)<\/span><\/li>\n<\/ul>\n<p><strong>Skills:<\/strong>Node.Js, API, OAuth\/Okta, SSO, Session, Token, Login\/Logout, JWT<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"author":1,"featured_media":0,"template":"","meta":{"_job_location":"Kochi, Bangalore, Chennai, Hyderabad, Pune, Thiruvananthapuram , India","_application":"hrm@cephasconsult.biz","_company_name":"","_company_website":"","_company_tagline":"","_company_twitter":"","_company_video":"","_filled":0,"_featured":0,"_remote_position":0,"_job_salary":"","_job_salary_currency":"","_job_salary_unit":""},"job-types":[],"class_list":["post-5616","job_listing","type-job_listing","status-expired","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cephasconsult.biz\/index.php\/wp-json\/wp\/v2\/job-listings\/5616","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cephasconsult.biz\/index.php\/wp-json\/wp\/v2\/job-listings"}],"about":[{"href":"https:\/\/cephasconsult.biz\/index.php\/wp-json\/wp\/v2\/types\/job_listing"}],"author":[{"embeddable":true,"href":"https:\/\/cephasconsult.biz\/index.php\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/cephasconsult.biz\/index.php\/wp-json\/wp\/v2\/media?parent=5616"}],"wp:term":[{"taxonomy":"job_listing_type","embeddable":true,"href":"https:\/\/cephasconsult.biz\/index.php\/wp-json\/wp\/v2\/job-types?post=5616"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}