IFS is a billion-dollar revenue company with 7000+ employees on all continents. Our leading AI technology is the backbone of our award-winning enterprise software solutions, enabling our customers to be their best when it really matters–at the Moment of Service™. Our commitment to internal AI adoption has allowed us to stay at the forefront of technological advancements, ensuring our colleagues can unlock their creativity and productivity, and our solutions are always cutting-edge.

At IFS, we’re flexible, we’re innovative, and we’re focused not only on how we can engage with our customers but on how we can make a real change and have a worldwide impact. We help solve some of society’s greatest challenges, fostering a better future through our agility, collaboration, and trust.

We celebrate diversity and understand our responsibility to reflect the diverse world we work in. We are committed to promoting an inclusive workforce that fully represents the many different cultures, backgrounds, and viewpoints of our customers, our partners, and our communities. As a truly international company serving people from around the globe, we realize that our success is tantamount to the respect we have for those different points of view.

By joining our team, you will have the opportunity to be part of a global, diverse environment; you will be joining a winning team with a commitment to sustainability; and a company where we get things done so that you can make a positive impact on the world.

We’re looking for innovative and original thinkers to work in an environment where you can #MakeYourMoment so that we can help others make theirs. With the power of our AI-driven solutions, we empower our team to change the status quo and make a real difference.

If you want to change the status quo, we’ll help you make your moment. Join Team Purple. Join IFS.

The Platform Engineering team (R&D) builds and operates the foundational infrastructure that powers IFS Cloud. We're organised into platform teams – each led by a technical lead who sets direction and leads a squad of engineers.

The Identity & Access Management domain sits at the heart of IFS's platform. Every IFS product — IFS Cloud, Nexus / IFS.ai, Remote — depends on secure, reliable authentication. We're looking for a Domain Owner for Authentication: a hands-on technical leader who combines deep identity-management expertise with a platform-engineering, automation-first mindset.

This is a Principal-level Architect / Team Lead role. You'll own the Authentication subdomain end-to-end: strategy, architecture, delivery, and team health. You'll partner with the Authorization Domain Owner, your domain's Program Manager, and engineering leadership to drive the IFS-wide consolidation of identity providers — with Curity positioned as the single identity platform replacing Entra ID, Keycloak, and others across IFS.

We care about the quality of your experience, not just the years. A senior engineer with four years of deep, deliberate work on modern identity platforms is more interesting than someone with fifteen years of incidental exposure.

What you'll own

Architecture & Delivery

• Architect and evolve IFS's authentication stack: Curity (strategic IDP for Nexus today, IFS-wide tomorrow), Keycloak (IFS Cloud), and legacy IFSIM.
• Drive the multi-year Curity consolidation — replacing fragmented identity providers across IFS products and internal systems (Thor, time registration, internal tooling) with a single, coherent platform.
• Resolve known technical debt: Curity performance bottlenecks at scale, high-latency integration flows, disaster-recovery gaps, and the long tail of non-production-ready configuration.
• Define and evangelise authentication patterns across Nexus microservices, IFS Cloud, and federated customer identity providers.

Platform Engineering Mindset

• Treat identity infrastructure as a product with self-service, observability, and automation as first-class citizens.
• Replace ticket-driven identity work with declarative, GitOps-style configuration and well-documented platform capabilities.
• Partner with DevOps and SRE to improve monitoring, alerting, and DR posture for auth services deployed across Azure AKS clusters.

Technical Leadership

• Lead and mentor the AuthNCore squad, setting technical direction and raising the engineering bar.
• Own the overall quality of code output from the squad — coding standards, code review culture, test coverage, and engineering craftsmanship are yours to set and uphold.
• Work closely with your domain Program Manager to sequence and schedule delivery, balance project work against technical-debt reduction, and keep commitments realistic.
• Collaborate closely with the Authorization Domain Owner (who also sits in the Identity & Access Management domain) — authentication and authorization must work as one coherent offering.
• Work across product, engineering, security, and compliance to ensure authentication needs are embedded in every application and workflow.
• Champion modern standards (OAuth 2.0 / OIDC, SAML, mTLS, PKCE, JWT), stay ahead of evolving trends, and bring that perspective back into IFS's roadmap.

Strategy & Roadmapping

• Own the Authentication roadmap — aligning it with platform priorities, security goals, and customer requirements.
• Evaluate emerging technologies and vendors where relevant (without being fashion-driven).
• Contribute to broader platform strategy as part of the Identity & Access Management leadership group.

Must-have

• Deep, demonstrable experience with modern identity management — OAuth 2.0, OpenID Connect, SAML, JWT, PKCE, federated identity.
• Hands-on engineering work with one or more identity platforms at scale: Curity, Keycloak, Auth0, Okta, Ping, ForgeRock, or similar.
• Production experience on a major cloud — Azure preferred (AKS, Key Vault, Front Door, Entra ID); AWS/GCP transferable.
• Strong software engineering foundations (Java, Go, or similar server-side languages).
• Experience designing for multi-tenant SaaS: per-tenant isolation, key rotation, blue/green deployment, DR.
• Experience leading and mentoring engineers — either as a tech lead, principal, or hands-on engineering manager.

Nice-to-have

• Experience working in a platform-engineering model (internal developer platform, self-service capabilities).
• Exposure to observability tooling (Prometheus, Grafana, OpenTelemetry, Datadog, Splunk).
• Background in compliance-heavy environments (SOC 2, ISO 27001, FedRAMP).
• Familiarity with event-driven architectures (Kafka, NATS JetStream).
• Contributions to open-source identity projects or published writing / speaking on identity topics.

How you work

• Automation-first. If you find yourself doing the same thing twice, you're looking for how to codify it.
• Pragmatic. You balance ideal architecture with what's deliverable, and you know technical debt is a choice — you make that choice deliberately.
• Collaborative. Identity is a cross-cutting concern; you influence rather than mandate, and you build allies across engineering.
• Clear communicator. You can explain a nuanced security trade-off to a non-technical stakeholder and get them to the right decision.
• Team-focused. You grow the engineers around you. The squad's output is your output.

Why this role

• Genuine platform ownership. You aren't a cog — you own the subdomain and set direction.
• Strategic leverage. Curity consolidation is a multi-year, high-visibility programme. Your work shapes every IFS product.
• A team to build on. The AuthNCore squad has strong engineers and a clear mandate — but has also been through attrition. You'll stabilise it and grow it.
• Modern stack, real scale. Azure AKS, Curity, Kafka/NATS, MongoDB Atlas, OpenTelemetry — serving hundreds of customers across the IFS product suite.

We embrace flexibility and hybrid work opportunities to support diverse needs and lifestyles, while also valuing inclusive workplace experiences. By fostering a sense of community, we drive innovation, strengthen connections, and nurture belonging. Our commitment ensures you can work in a way that suits you best, while also engaging with colleagues to share ideas and build meaningful relationships.