Senior Software Engineer - Identity & Access Management (all genders) - simplesurance

simplesurance is a leading insurtech company specializing in the seamless integration of innovative insurance technology into the digital workflows of business partners across diverse industries. Founded in 2012 and part of Allianz since 2022, simplesurance plays a pivotal role in enhancing customer experiences in fast growing ecosystems like banking, automotive, e-commerce, and travel. 

An international team of over 350 technology experts from more than 30 countries develops scalable B2B and B2C solutions — ranging from robust APIs to fully integrated service portals and customer-facing platforms.

With its headquarters in Berlin and teams across Munich, Paris, Lisbon, Dubai, and Beirut, simplesurance is driving the global transformation of digital insurance solutions.

About the Job

We’re looking for a Senior Software Engineer - Identity & Access Management to join our team and make a real impact! Ready to take on new challenges? As part of our team, you’ll be contributing to cutting-edge projects that are shaping the future of our company and the industry.

At simplesurance, we don’t just embrace change – we drive it. With a strong commitment to innovation, resilience, and growth, we continuously challenge the status quo while having fun along the way, true to our motto: "Never Stop Playing".

As a Senior Software Engineer - Identity & Access Management at simplesurance, you’ll experience firsthand how technology and innovation work to fuel our growth. 

We invite you to check out some of the tools and projects that drive our work:

• TechShare: See the tools we use to power our business.
• GitHub Repository: Explore our open-source projects.
• Integration Overview: Get a look at how our integrations work.

Stay updated with our latest news on LinkedIn.

Key Responsibilities

• Design, develop, and operate high-throughput, low-latency identity services: Single Sign-On (SSO), Multi-Factor Authentication (MFA), session management, and federation. Own features end-to-end from design through production and support.
• Implement and scale modern authentication and authorization protocols and token formats (OAuth 2.0, OpenID Connect, JWTs), including secure token issuance, rotation, and revocation strategies.
  
• Write clean, concurrent, and highly performant backend services primarily in Go; design idiomatic, testable code and clear API contracts (gRPC/HTTP).
• Use your DevOps experience to deploy, manage, and automate identity infrastructure (CI/CD, monitoring, and incident response).
  
• Serve as the subject matter expert on authentication and identity: own internal security reviews, threat modeling for identity flows, and guide other teams on secure integrations with our platform.
  
• Integrate and maintain solutions with custom and standard identity providers (e.g. Keycloak and AWS Cognito), and federation patterns.
• Mentor engineers, conduct design reviews, and contribute to the team's technical roadmap and security posture.

Bring to the Team

• Proven experience building complex, distributed backend systems with strong production experience in Go and gRPC.
  
• Deep conceptual and practical knowledge of modern authentication and authorization flows, token security, session management, and cryptographic fundamentals (OAuth2, OIDC, RBAC, JWT signing/verification).
  
• Solid understanding of web security, federated identity, and secure coding practices; familiarity with common web vulnerabilities and mitigations, including the OWASP Top 10. 
• Hands-on experience with cloud platforms (AWS preferred), container orchestration (Kubernetes), and Infrastructure as Code (Terraform).
  
• Experience designing systems for high throughput and low latency without sacrificing security or correctness.
  
• Strong communication skills: able to explain complex security and architectural tradeoffs to technical and non-technical stakeholders and drive cross-team consensus.
• Experience with SAML, SCIM, PKI, JWKs/JWKS endpoints, key management (KMS/HSM) and token introspection.
• Working knowledge of identity platforms (commercial or open source), rate limiting, abuse mitigation, and adaptive authentication.

Even if you don’t check all the boxes, we are happy to receive your CV.

What We Offer

At simplesurance GmbH, you will get an all-round feel-good package including:

Benefits (Berlin & Lisbon)

1. A hybrid environment that fosters flexibility
2. Working-from-abroad policy of up to 25 days per year
3. 28 vacation days, plus full paid time off on Christmas & New Year’s Eve
4. Allianz shares guided by our investment policy
5. Sabbatical leave of up to 2 months after your first year
6. Learning & development opportunities via our Degreed platform
7. Employee Referral Programme
8. Regular company events and an open, growth-oriented culture

Location-Specific Benefits
Germany

1. Choice between a free Deutschland ticket or Internet subsidy
2. An exceptional company-supported pension plan
3. JobRad leasing (bike leasing with insurance & checkups sponsored)
4. Centrally located HQ with excellent U-Bahn and S-Bahn access

Portugal

1. Support with health insurance
2. Office is in the Miraflores area, and it provides a great spot to collaborate and connect.
    

For Your Application

No matter your background, we encourage you to apply, and Débora, our Talent Acquisition Manager, is thrilled to review your application. At simplesurance, we are committed to providing equal opportunities to all.

„Never stop playing!”

IT & Tech Engineering Allianz Partners Full-Time Professional