Network Software Developer – Identity & Access Systems

Who We Are

At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role

Designs, develops and supports software products, services and systems, which require the use of broad software development knowledge and experience to develop solutions. Offerings can include operating systems, middleware, cloud services, and front-end software, in a variety of programming languages. Typically involved in strategic design/development projects.

Key Responsibilities:

• Design the correct overall system flow for the TACACS+ authentication, especially focusing on features such as Okta, Kyndryl user groups, security compliance, system health and availability, and deployment.
• Harden and take the existing Python TACACS+/Okta application to production.
• Own and manage the Okta OIE integration (Native App, Auth Server, Policies).
• Design local user caching mechanism
• Implement production-grade monitoring, logging, and alerting.
• Collaborate with the network engineering team to support AAA on routers and switches.
• Act as the subject matter expert for this code
• Develop automation to deploy this tool

Your Future at Kyndryl
The career path ahead is full of exciting opportunities to grow and advance within the job family. With dedication and hard work, you can climb the ladder to higher bands, achieving coveted positions such as Principal Engineer or Vice President of Software. These roles not only offer the chance to inspire and innovate, but also bring with them a sense of pride and accomplishment for having reached the pinnacle of your career in the software industry.

Who You Are

You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others.

Required Technical and Professional Experience

• 2+ years experience with the Okta API and the Okta administration GUI
• 3+ years experience with OAuth authentication architecture
• 3+ years with API debugging (eg, Postman)
• Immediately understands and can implement working code around documents such as:
• https://developer.okta.com/docs/guides/configure-direct-auth-grants/dmfaoobov/main/
• https://datatracker.ietf.org/doc/html/rfc8907
• Experience in gathering requirements, documenting requirements, and translating to implemented code
• Python (5+ years): Production-quality code, API clients (requests, requests-oauthlib), and database interaction (sqlite3, mysql).
• Linux System Administration (5+ years): Managing services, logging, permissions, and performance troubleshooting.
• 5+ years experience working with Containers on Linux, eg K8s, Docker, etc.
• Familiar with systemd or other daemonization methods on Linux, can create new services and deploy as persistent
• API Integration (4+ years): Deep experience with RESTful APIs, JSON, and complex authentication flows.
• Demonstrated ability to debug APIs with tools such as Postman
• Okta Expertise (3+ years): Hands-on experience with Okta Identity Engine (OIE), including:
• Configuring Native Applications and their specific grant types (Resource Owner Password, MFA OTP, etc.).
• Managing Authorization Servers (scopes, claims, access policies).
• Building and managing Authentication and Global Session Policies.
• Using the Okta Management API with SSWS tokens for direct queries.
• OAuth 2.0 & OIDC: Strong understanding of grant types, especially for non-interactive (API-based) flows.
• Experience in any web frontend development framework, able to develop end-user-facing GUI for these tools, such as Streamlit, Flask, Anvil, or Django
• https://developer.okta.com/docs/guides/configure-direct-auth-grants/dmfaoobov/main/
• https://datatracker.ietf.org/doc/html/rfc8907
• 5+ years experience working with Containers on Linux, eg K8s, Docker, etc.
• Familiar with systemd or other daemonization methods on Linux, can create new services and deploy as persistent
• Demonstrated ability to debug APIs with tools such as Postman
• Configuring Native Applications and their specific grant types (Resource Owner Password, MFA OTP, etc.).
• Managing Authorization Servers (scopes, claims, access policies).
• Building and managing Authentication and Global Session Policies.
• Using the Okta Management API with SSWS tokens for direct queries.
• OAuth 2.0 & OIDC: Strong understanding of grant types, especially for non-interactive (API-based) flows.
• Configuring Native Applications and their specific grant types (Resource Owner Password, MFA OTP, etc.).
• Managing Authorization Servers (scopes, claims, access policies).
• Building and managing Authentication and Global Session Policies.
• Using the Okta Management API with SSWS tokens for direct queries.
• OAuth 2.0 & OIDC: Strong understanding of grant types, especially for non-interactive (API-based) flows.

Preferred Technical and Professional Experience

• Experience with production TACACS+ servers (tac_plus, Cisco ISE).
• Knowledge of more advanced databases (PostgreSQL, MySQL).
• Familiarity with infrastructure automation (Ansible, Terraform).
• Experience with monitoring stacks (Prometheus, Grafana, ELK).
• Historical understanding and experience with languages such as C, C++ and traditional data structures

Being You

Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations.  At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred!

If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.