Senior Backend Engineer – Authorization & User Management

Job Responsibilities:

• Authorization and policy systems: Design and evolve a NestJS/TypeScript gatekeeper service with Casbin-style policies, implementing roles/groups/resource-level permissions and clean enforement flows exposed to both UI and service-to-service consumers.
• User and group management: Build and extend user/group/role capabilities, maintain the node-scope-management service for lifecycle and inheritance, and ensure consistent, correct state across APIs, jobs, and downstream consumers.
• Identity and provisioning integrations: Own external identity integrations (e.g., Zitadel), improve sync for user/role lifecycle and deprovisioning, and implement enterprise features like external groups, SCIM-style provisioning, and metadata sync.
• Event-driven backend architecture: Design resilient async workflows (AMQP, background processing) to validate and propagate role/membership updates, with reliable retries and correct behavior under failures and partial reprocessing.
• Platform ownership: Model GraphQL/Prisma/PostgreSQL APIs with strict tenancy, enhance observability (logs/metrics/traces/alerts) for auth/identity flows, and own production delivery via Docker/Kubernetes/Helm and GitOps.
• Engineering culture: Write robust tests for security-sensitive logic, engage in design/code reviews on auth/identity boundaries, and mentor peers to raise quality, maintainability, and operational discipline.

Job requirements:

• 5+ years of backend engineering experience with strong expertise in TypeScript, Node.js, and structured backend frameworks such as NestJS
• Strong domain experience in authorization, identity, or user management systems in production SaaS environments
• Excellent system design skills: you can model roles, permissions, policy propagation, and service boundaries in a way that stays understandable as the platform grows
• Experience with enterprise identity concepts such as SSO, RBAC, provisioning, deprovisioning, webhooks, SCIM, or IdP integrations
• Multi-tenant SaaS experience with strong awareness of tenant isolation, auditability, and security-sensitive change management
• Event-driven systems experience: comfortable with asynchronous workflows, retries, idempotency, and eventual consistency in backend services
• Testing discipline: you write tests for critical business and security logic, not just happy paths

Location: Accra

Salary: Attractive