Product Engineer - Auth

About the Role

The authentication system is a crucial part of Supabase's stack, and the company is looking for someone who can help build and maintain it. The ideal candidate will have a strong knowledge of web technology fundamentals, authentication security, and experience working with multiple web frameworks.

Supabase is a remote-first company with a global team, and this role offers the opportunity to work with a diverse group of engineers. The company values open-source and community-driven development, and the Product Engineer - Auth will be expected to contribute to the evolution of the Auth architecture.

What You Will Do

• Design and implement secure authentication features in Go and TypeScript
• Work across the stack, from server-side protocols to client-side libraries for frameworks like Next.js
• Contribute to the evolution of the Auth architecture, including support for OAuth, OIDC, SAML, and other protocols
• Write and review RFCs as part of the product development process
• Collaborate with engineers across Supabase to ensure a seamless experience for developers using the company's tools
• Support the community and respond to developer feedback on GitHub, Discord, and other channels
• Participate in code reviews and ensure that the code is of high quality and follows best practices
• Stay up-to-date with the latest developments in authentication security and web technology fundamentals

What We Are Looking For

• 5+ years of software development experience in a professional setting
• 2+ years of professional experience working on an authentication system
• Strong knowledge of web technology fundamentals (cookies, sessions, JWT, HTTP, browser APIs)
• Good knowledge of authentication security (passwords, protocols such as OAuth, OIDC or SAML, cryptography fundamentals such as hash functions, signatures and ciphers)
• Experience working with multiple web frameworks like Next.js and traditional web frameworks like Ruby on Rails, Django, Laravel or equivalent
• Strong knowledge of Go and TypeScript (languages used daily) and Postgres
• Good technical writing skills (RFC process is an important part of making changes to the Auth product)
• Experience working in a remote environment and collaborating with a global team

Nice to Have

• Experience with other programming languages, such as Java or Python
• Knowledge of cloud-based authentication systems and their trade-offs
• Familiarity with security auditing and compliance frameworks
• Experience with agile development methodologies and version control systems like Git

Benefits and Perks

• Fully remote work environment with a global team
• ESOP (equity ownership) in the company
• Tech allowance to set up your ideal work environment
• Health benefits, including 100% coverage for employees and 80% for dependents
• Annual off-sites in new cities for team-building and collaboration
• Flexible work hours and asynchronous work environment
• Professional development allowance for learning and growth
• Opportunity to work on open-source projects and contribute to the community
• Access to a global network of engineers and developers

• Familiarize yourself with Supabase's Auth product and its architecture before applying
• Make sure you have a strong understanding of authentication security and web technology fundamentals
• Highlight your experience working with multiple web frameworks and programming languages
• Emphasize your ability to work in a remote environment and collaborate with a global team
• Prepare to discuss your experience with authentication systems and your approach to security audits and compliance
• Be ready to provide examples of your technical writing skills and experience with RFCs
• Research the company culture and values to understand whether you would be a good fit for the team