BigCommerce is disrupting the e-commerce industry as the SaaS leader for fast- growing, mid-market businesses. We enable our customers to build intuitive and engaging stores to support every stage of their growth.
BigCommerce, named a “Best Place to Work” in Austin, is looking for a full-time Software Engineer II on our Identity & Access Management (IAM) Team in the exciting and rapidly growing e-commerce industry.
The BigCommerce Engineering team is on a mission to build the leading SaaS ecommerce platform. Our global team of engineers works from our Austin, San Francisco and Sydney offices and are focused on building the right product for our customers in the right way.
On the IAM Team, we build and extend the services responsible for managing access and authorization across the platform for users, partners, and the BigCommerce platform. Our primary languages are Ruby with some Scala, PHP, React + TypeScript. Architecturally we use REST APIs, gRPC, and we leverage a host of internal deployment and cloud infrastructure tools.
Be a member of our Identity and Access Management Team that powers our authentication and authorization throughout the platform. You’ll be working with team members to extend our products and integrate with a broad array of internal and external services. BigCommerce offers a heavily collaborative environment helping you expand your skill set and take ideas from inception to delivery.
What You’ll Do
- Build systems and APIs that provide world-class identity and access management features to the entire platform.
- Write code that is performant, maintainable, clear, and concise
- Collaborate with our product and design teams to define feature specifications and timelines
- Engage in technical discussion of new solutions and architectures
- Participate in code reviews to maintain and improve quality
- Support an open, positive, and energized culture
- Encourage innovation and foster an environment of continuous improvement
Who You Are
- 2 years experience as a Software Engineer in Ruby or a similar language
- Minimum Bachelor's degree in CS, EE, SW, CE or MIS; or equivalent experience
- Experience with Scala, PHP, or React.js is a plus
- Think iteratively by breaking down problems into smaller, deliverable / deployable pieces.
- Knowledge of gRPC, RabbitMQ, and familiarity with caching solutions
- Experience with Google Cloud Platform or Cloud Computing highly desirable
- Experience in highly scalable service-oriented architectures
- Solid UNIX knowledge
- Knowledge of RBAC and Authentication concepts a strong plus
What is an IAM Framework?
Authentication is the area through which a user provides sufficient credentials to gain initial access to an application system or a particular resource. Once a user is authenticated, a session is created and referred during the interaction between the user and the application system until the user logs off or the session is terminated by other means (e.g. timeout).
It usually comes with a password service module when the user ID /password authentication method is used. By centrally maintaining the session of a user, it provides Single-Sign-On service so that the user needs not logon again on accessing another application system or resource governed under the same IAM Framework.
Authorization is the area that determines whether a user is permitted to access a particular resource. Authorization is performed by checking the resource access request, typically in the form of an URL in web-based application, against authorization policies that are stored in an IAM policy store. Authorization is the core area that implements role-based access control. Moreover, the authorization model could provide complex access controls based on data or information or policies including user attributes, user roles /groups, actions taken, access channels, time, resources requested, external data and business rules.
This area comprises of user management, password management, role/ group management and user /group provisioning. It defines the set of administrative functions such as identity creation, propagation, and maintenance of user identity and privileges. One of its components is user life cycle management that enables an enterprise to manage the lifespan of a user account, from the initial stage of provisioning to the final stage of de-provisioning.
Some of the user management functions should be centralized while others should be delegated to end users. Delegated administration allows an enterprise to directly distribute workload to user departmental units. Delegation can also improve the accuracy of system data by assigning the responsibility of updates to persons closest to the situation and information.
Self-service is another key concept within user management. Through self-profile management service an enterprise benefits from timely update and accurate maintenance of identity data. Another popular self-service function is self-password reset, which significantly alleviates the help desk workload to handle password reset requests.
User management requires an integrated workflow capability to approve some user actions such as user account provisioning and de-provisioning.
Central User Repository
Central User Repository stores and delivers identity information to other services, and provides service to verify credentials submitted from clients
How an organization can benefit from implementing IAM?
Business value improves when an organization can appropriately protect its information assets. IAM provides the kind of reliability and accessibility to user access control that is imperative to most e-business sites these days.
IAM can enable new users, employees or contractors to gain necessary information from applications so that they can be productive and at the same time allow the organization to keep a check on the access rights as their roles require.
The key benefits of implementing IAM are as follows:
- Facilitating the identification of loop holes in control points by phased approach of providing access controls
- Enhancing business value by improving security
- Improving compliance with various industry regulations and creating opportunities for new business initiatives,
- Reducing overall effort of IT administration
- Improving the productivity of employees and other members,
- More effective customer support
- Streamlining IT management in large organizations for enhancing overall ROI for business
- Providing scalable approach that enables IT expansion in growing organizations
Our Hiring Processes Might Include
We want to see your problem-solving and analytical skills. Be prepared to write good, clean, scalable code. You don’t need to know our entire stack, but we’re looking for practical experience, someone who can solve production problems in the cloud.
- Recruiter Phone Screen
- Hiring Manager Screening
- Online Code Assessment
- On-site Interview
- Note: Visa Work Authorization Sponsorship Supported and Relocation Assistance Provided
- Must be willing to relocate prior to start date