Senior Java Spring Boot Developer (SAML & OAuth)

<span style="font-size:11pt;"><span style="line-height:normal;"><span style="font-family:Calibri, sans-serif;"><b><span style="font-size:16pt;">Job Title: Senior Java Spring Boot Developer (SAML & OAuth)</span></b><br><span style="font-size:16pt;"><b>Location:</b> Remote<br><b>Engagement Type:</b> Contract<br><span style="font-size:16px;">(Initial part-time, hourly; potential to convert to full-time)</span></span></span></span></span><div align="center" style="text-align:center;"><hr align="center" size="2" width="100%"></div><br><span style="font-size:11pt;"><span style="line-height:normal;"><span style="font-family:Calibri, sans-serif;"><b><span style="font-size:16pt;">About the Role</span></b><br><span style="font-size:12pt;">We are seeking a highly experienced Senior Java Spring Boot Developer with deep expertise in OAuth 2.0 and SAML 2.0 to design and build secure, production-grade microservices. This role requires a hands-on engineer who can develop authentication and authorization mechanisms from the ground up and integrate with enterprise identity providers.</span></span></span></span><div align="center" style="text-align:center;"><hr align="center" size="2" width="100%"></div><br><span style="font-size:11pt;"><span style="line-height:normal;"><span style="font-family:Calibri, sans-serif;"><b><span style="font-size:16pt;">Key Responsibilities</span></b></span></span></span><ul style="margin-bottom:11px;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Develop and maintain production-grade microservices using Java 17+ and Spring Boot</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Implement and manage OAuth 2.0 flows, including: </span></span></span></span></span><ul style="list-style-type:circle;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Authorization Code</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Client Credentials</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">PKCE</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Token Introspection</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Refresh Token Rotation</span></span></span></span></span></li></ul></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Integrate SAML 2.0 Single Sign-On (SSO) with enterprise identity providers such as Okta, Azure AD, and Ping Identity</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Build and manage distributed job scheduling systems using: </span></span></span></span></span><ul style="list-style-type:circle;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Quartz Scheduler (clustered)</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Spring Batch</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Spring Scheduler</span></span></span></span></span></li></ul></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Define and enforce API security policies, including: </span></span></span></span></span><ul style="list-style-type:circle;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Token validation</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Scope enforcement</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Rate limiting</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Audit logging</span></span></span></span></span></li></ul></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Ensure secure and scalable system architecture aligned with modern best practices</span></span></span></span></span></li></ul><div align="center" style="text-align:center;"><hr align="center" size="2" width="100%"></div><br><span style="font-size:11pt;"><span style="line-height:normal;"><span style="font-family:Calibri, sans-serif;"><b><span style="font-size:16pt;">Required Experience & Skills</span></b></span></span></span><ul style="margin-bottom:11px;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><strong><span style="font-size:12pt;">7+ years</span></strong><span style="font-size:12pt;"> of professional experience in Java development with Spring Boot in production environments</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Strong expertise in <b>Spring Authorization Server</b><b> or Spring Security OAuth2</b></span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Deep understanding of <b>OAuth 2.0 </b><b>and OpenID Connect</b>, with ability to implement flows without relying solely on frameworks</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Hands-on experience with <strong>SAML 2.0,</strong> including: </span></span></span></span></span><ul style="list-style-type:circle;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">SP-initiated and IdP-initiated SSO</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Metadata exchange</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Attribute mapping</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Assertion encryption and signing</span></span></span></span></span></li></ul></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Experience with job scheduling frameworks: </span></span></span></span></span><ul style="list-style-type:circle;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Quartz (clustered environments)</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Spring Batch pipelines</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Distributed scheduling with Spring</span></span></span></span></span></li></ul></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Strong knowledge of: </span></span></span></span></span><ul style="list-style-type:circle;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Spring Security</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Spring Cloud Gateway</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">JWT handling (signing, rotation, blacklisting)</span></span></span></span></span></li></ul></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Solid understanding of: </span></span></span></span></span><ul style="list-style-type:circle;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">REST API design</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">HTTP security headers</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">HTTPS/TLS protocols</span></span></span></span></span></li></ul></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Experience with relational databases such as PostgreSQL or MySQL, and ORMs like Hibernate/JPA</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Familiarity with event-driven architectures using Kafka or RabbitMQ</span></span></span></span></span></li><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Proficiency in Git, Maven/Gradle, Docker, and Kubernetes fundamentals</span></span></span></span></span></li></ul><div align="center" style="text-align:center;"><hr align="center" size="2" width="100%"></div><br><span style="font-size:11pt;"><span style="line-height:normal;"><span style="font-family:Calibri, sans-serif;"><b><span style="font-size:16pt;">Nice to Have</span></b></span></span></span><ul style="margin-bottom:11px;"><li style="margin-bottom:11px;"><span style="font-size:11pt;"><span style="line-height:normal;"><span><span style="font-family:Calibri, sans-serif;"><span style="font-size:12pt;">Experience working with identity/authorization platforms such as Keycloak, Auth0, or Okta (as an Authorization Server).</span></span></span></span></span></li></ul>

Back to blog