Tech Stack:
Node.js, TypeScript, Vercel Serverless, Vercel KV, Vercel Postgres, OAuth2/OIDC, JWT. .NET C#
Seniority:
Mid–Senior
Technical Skills
Required Skills \& Experience
Strong proficiency in Node.js and TypeScript
Experience with Vercel Serverless Functions, Vercel KV, and Vercel Postgres
Deep understanding of: OAuth 2.0, OpenID Connect, JWT, JWK/JWKS, Authorization Code Flow with PKCE
Experience implementing RBAC (role-based access control) and permission-based access systems
Expertise in REST API development and serverless patterns
Experience integrating third-party OAuth providers (Auth0, Azure AD, Google, etc.)
Experience with Postgres schema design
Familiarity with Redis/KV-style stores for caching session metadata
Ability to implement secure integration with external APIs (e.g., Sitecore Content Hub)
Security Knowledge
Knowledge of secure authentication \& session management (OWASP ASVS)
Understanding of: CSRF, XSS, token replay prevention, secure cookie configurations
Awareness of PDPA and Singapore data-protection requirements
Soft Skills
Strong documentation habits
Ability to clearly articulate architectural decisions
Experience working with cross-functional teams (frontend, infrastructure, compliance)
Ability to troubleshoot complex identity flows and serverless issues
Bonus / Nice-to-Have Skills
Prior experience integrating SingPass, SGID, or Corppass
Familiarity with Sitecore or Sitefinity
Experience with Next.js middleware and full-stack integration
Knowledge of content governance / asset access models
Experience working on government-related or compliance-heavy projects