Full Stack Developer - Zero Trust and IAM, JIN Johnson Controls (India) Priva, IN

What we look for

· 3+ years of professional experience building and operating production-grade applications and services across the stack (frontend, backend, databases, CI/CD).

· Strong backend development in one or more of: Node.js/TypeScript, Java (Spring Boot), C#/.NET, or Python; experience designing REST/GraphQL APIs and event-driven microservices.

· Deep understanding of authentication & authorization patterns (OAuth 2.0, OIDC, SAML, JWT), session management, RBAC/ABAC, and secure-by-default coding aligned to Zero Trust principles (least privilege, continuous verification).

· Experience integrating with Identity & Access Management (IAM) platforms (e.g., Microsoft Entra ID/Azure AD, Okta, Ping Identity, SailPoint, Saviynt) to enable SSO, SCIM provisioning, JIT access, and fine-grained entitlements.

· Robust DevOps/DevSecOps skills using Azure DevOps/GitHub/Jenkins for CI/CD, test automation, artifact/package management, and progressive delivery; familiarity with IaC (Terraform/Bicep) and environment promotion strategies.

· Observability mindset: logging, metrics, tracing, and alerting (e.g., OpenTelemetry, Prometheus/Grafana, Splunk) with SLOs and error budgets.

· Clear communicator who can articulate technical concepts to stakeholders, collaborate in agile teams, and write high-quality documentation.

· Bachelor’s degree in Computer Science, Engineering, or equivalent practical experience.

· Familiarity with Zero Trust Network Architecture is desirable

· Familiarity with service now Ticketing and CMDB is desirable

· Design, build, operate and automate security solutions and processes to protect the integrity of the organization's networks, systems, applications and data.

· Experience developing technical strategies, architectures, and roadmaps.

Preferred

· Design, build, and operate secure, scalable web applications and APIs that power Identity & Access Management use cases (admin consoles, self-service portals, workflow automation, and entitlement management).

· Own operational excellence: instrument services, define SLOs, handle on-call rotations, root-cause incidents, and implement corrective actions to improve reliability and security.

· Partner with IAM engineers, security architects, and platform teams to evolve reference architectures, reusable components, and paved paths for secure service delivery.

· Implement end-to-end auth flows (SSO, MFA, token exchange) and policy enforcement (RBAC/ABAC, conditional access) leveraging enterprise IdPs (Entra ID/Okta/Ping) and standards (OIDC/SAML/OAuth 2.0).

· Develop microservices and event-driven integrations for identity lifecycle (joiner/mover/leaver), SCIM connectors, and audit/attestation data pipelines.

· Embed Zero Trust-by-design: verify explicitly, use least privilege, segment services, and continuously evaluate signals to protect sensitive data and administrative surfaces.

· Establish test strategies (unit, contract, integration, e2e), quality gates, and automated security checks in CI/CD; drive trunk-based development and high deployment frequency with rollback safety.

· - Document designs, runbooks, and APIs; mentor engineers and contribute to coding standards and design reviews.

· Development knowledge e.g. Python, Java, C#, .NET, Web Services (SOAP/REST/RESTful, APIs), Shell programming/scripting

· Understanding of trends and regulations to ensure effectiveness and compliance with all regulations and frameworks (NIST, HIPPA-HITECH, HITRUST, PCI, GDPR)

Certifications (nice to have)

· Microsoft Certified: Azure Developer Associate (AZ-204); Microsoft Certified: Identity and Access Administrator (SC-300).

· Okta Certified Developer or Professional; Ping Identity certifications.

· AWS Developer Associate / Google Professional Cloud Developer.

· Security-focused certs (e.g., GIAC GWEB/GWAPT); broader certs like CISSP are a plus for security depth.

Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit www.johnsoncontrols.com/careers.