Keymate Logo

Senior Java Developer

Remote
5+ years
Posted Jul 2025

☕ Senior Java Developer

🚀 About the Role

We’re building Keymate—a next-gen identity and access management platform built on:

  • Fine-Grained Authorization (FGAC, OpenFGA)
  • Multi-Tenant IAM Orchestration
  • Event-Driven Policy Enforcement
  • Real-Time Observability via OpenTelemetry

We're looking for a Senior Java Developer to join our platform team, where infrastructure, authorization, and domain logic converge.

You won't just "write APIs"—you'll build a modular, reactive, and auditable IAM architecture, working across systems like Keycloak, Kafka, PostgreSQL, OpenMetadata, and Access Gateways.

This is a product engineering role focused on architecture, scale, and traceability.

🧩 What You’ll Work On

  • Develop Quarkus-based microservices using gRPC, REST, and Kafka
  • Design and implement authorization APIs, token flow logic, and event-driven policy engines
  • Contribute to OpenFGA-integrated modules using ReBAC and contextual attribute access models
  • Implement fine-grained permission checks, parameter extractors, and decision evaluators
  • Build DSL-based policy engines with versioning, preview, and rollback capabilities
  • Participate in multi-tenant context handling, impersonation flows, and session-bound access logic
  • Collaborate with frontend and DevOps teams to enable real-time observability and access event tracing
  • Ensure secure, auditable, and high-performance code—tested, profiled, and monitored

✅ What We’re Looking For

  • 5+ years of professional Java experience, ideally in platform-level systems
  • Strong proficiency with Java 17+, modern features, and clean architecture principles
  • Hands-on experience with Quarkus, gRPC, REST, and Kafka
  • Deep understanding of authorization concepts (RBAC, ABAC, ReBAC) and token lifecycles
  • Experience with test-driven development, observability, and structured logging
  • Familiarity with PostgreSQL, event sourcing, and reactive programming is a plus
  • Passion for building developer-friendly, traceable, and extensible backend systems

🌐 Nice to Have

  • Experience integrating with Keycloak, SPI extensions, or token mappers
  • Knowledge of OpenFGA, policy engines, or DSL interpreters
  • Understanding of multi-tenant architecture, impersonation, and scoped access models
  • Interest in security engineering, audit traceability, and compliance-friendly design
  • Familiarity with OpenTelemetry, Infinispan, and distributed caching strategies

🤝 What We Offer

  • A core role in building a product that extends open-source IAM with enterprise-grade architecture
  • High autonomy and direct collaboration with technical architects and product owners
  • A platform where you can build and improve the security foundation used by thousands
  • Fully remote, async-friendly work environment
  • Chance to shape and own parts of the platform that define its long-term evolution

Note: This is a backend engineering role where architecture, security, and extensibility matter. You’ll write APIs—but more importantly, you’ll shape the systems that enforce trust at scale.

Ready to Apply?

We'd love to hear from you! Express yourself freely in an email and tell us why you're excited about this role.

Send your application to:

careers@keymate.io

Note: You can share your resume in whichever medium you express yourself best - whether that's a PDF, portfolio website, GitHub profile, or creative presentation.