Senior Engineer - Authorization & Amazon Verified Permissions (AVP) Your new company Join a forward-thinking, large-scale digital platform operating at national scale, delivering mission-critical services across a complex multi-tenant environment. The organisation is investing heavily in modern security architecture, with a strong focus on fine-grained, policy-based authorization to support Zero Trust principles. You'll be part of a highly skilled engineering function that values security, craftsmanship, and innovation, working on systems where correctness and precision are paramount. Your new role As a Senior Engineer - Authorization Specialist, you will act as the subject matter expert for application-layer authorization, leading the design and implementation of a sophisticated fine-grained access control system powered by Amazon Verified Permissions (AVP) and Cedar.This is a deeply technical, niche role focused on building and operating a centralized authorization capability. You will work cross-functionally with architecture, product, and security teams to translate complex business rules into robust, scalable authorization policies and infrastructure.You'll take ownership of the end-to-end authorization ecosystem - from schema design and policy authoring to SDK development, integration patterns, and production operations - ensuring the platform meets stringent enterprise security and compliance standards. What you'll need to succeed Core Expertise (Non-Negotiable) Proven, hands-on experience with Amazon Verified Permissions (AVP) in production environments Strong proficiency in the Cedar policy language, including policy authoring, debugging, and schema design Deep understanding of fine-grained authorization models (RBAC, ABAC, ReBAC) and how to apply them in real-world systems Technical Capability Experience designing multi-tenant authorization systems at scale Strong working knowledge of OIDC/OAuth2, JWT tokens, and claim-based authorization Experience integrating identity providers such as Auth0 and Cognito Solid AWS experience across Lambda, API Gateway, DynamoDB, IAM, and event-driven architectures Proficiency in TypeScript or Python for building shared libraries and backend services Experience with Infrastructure as Code (Terraform or CloudFormation) and CI/CD pipelines Engineering & Architecture Ability to design authorization schemas, policy stores, and enforcement patterns Experience building shared authorization layers or middleware across distributed services Strong understanding of Zero Trust architecture principles Familiarity with observability, audit logging, and compliance requirements Soft Skills Excellent stakeholder communication - able to translate complex authorization logic into business terms Strong problem-solving ability in ambiguous environments Detail-oriented mindset with a security-first approach Collaborative and mentoring-oriented What you'll get in return Opportunity to work on cutting-edge authorization architecture at national scale A highly specialised role with strong influence over security and platform design Collaboration with senior engineers, architects, and security leaders Exposure to modern policy-based access control systems (AVP & Cedar) Competitive salary and benefits package Flexible working arrangements and a supportive engineering culture Ongoing learning and development, including staying at the forefront of emerging authorization technologies What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career. 3001484