Software Engineer – Identity Shield & Consumer Fraud - Shield; Backend

Position: Software Engineer – Identity Shield & Consumer Fraud - Shield (Backend)
Work Location(s)601 S. Tryon Street, NC

Work Schedule:

Ally designates roles as (1) fully on-site, (2) hybrid, or (3) fully remote. Hybrid roles are generally expected to be in the office a certain number of days per week as indicated by your manager. Your hiring manager will discuss this role's specific work requirements with you during the hiring process. All work requirements are subject to change at any time based on leader discretion and/or business need.

At Ally, you get a startup feel, but experience the benefits of a company that has worked out the kinks and is fulfilling its purpose. We are always evolving and see that as a good thing. From owning our work to seeing its impact in the real world, our team is relentless in finding new ways technology can help make experiences better and help people.

We are problem solvers, we value diverse thinking, we support one another, and we challenge ourselves to think bigger in the journey to deliver customer-obsessed tech solutions. To read more about what our tech team does, be sure to visit our tech blog hJoin Ally's Identity Shield and Consumer Fraud team to build authentication and identity infrastructure that protects our digital banking customers and enables intelligent fraud prevention.

You'll develop systems that implement fine-grained access control, manage authentication and authorization flows across Ally's digital banking ecosystem, and generate the behavioral and contextual signals that power adaptive fraud detection.

At this time, Ally will not sponsor a new applicant for employment authorization for this position.

As a backend engineer on this team, you'll tackle fascinating challenges implementing identity protocols at scale—building OAuth 2.0 and OpenID Connect flows, developing authorization engines that evaluate complex policies with millisecond latency, and serving authentication decisions that directly impact our ability to keep customers safe and prevent fraud.

You'll work with modern cloud technologies to build resilient, scalable platforms where performance and reliability are non-negotiable. This is your opportunity to shape Ally's next-generation identity and authentication infrastructure, mastering security-first design principles, distributed systems, serverless architectures, and AI-assisted development workflows.

This role offers the rare combination of high-impact work, cutting-edge technology, and meaningful outcomes. You'll collaborate across engineering, product, security, and data science teams to solve complex problems that matter. Whether you're developing authentication services that adapt to risk signals, implementing passwordless flows using passkeys and biometrics, building integrations with enterprise identity providers, or designing event streams that carry authentication signals to fraud detection systems, your work will be visible and valued.

On this team, we believe in relentless progress balanced with sustainable pace. We support each other, celebrate wins, learn from setbacks, and foster an environment where everyone can do their best work. Our #1 goal is team success, and our people are above all else.
*
* Key Responsibilities:

*** Design and develop authentication and authorization services implementing modern identity protocols (OAuth 2.0, OpenID Connect, SAML, JWT)
* Build scalable APIs for identity management, user registration, verification, and account recovery
* Implement session management and token lifecycle systems across web and mobile platforms
* Develop fine-grained authorization engines and policy evaluation services for access control
* Build integrations with distributed identity providers, enterprise SSO platforms, and social login services
* Implement passwordless authentication flows using passkeys, biometrics, and device attestation
* Develop adaptive authentication logic that adjusts requirements based on risk signals and context
* Instrument authentication events with rich contextual metadata that power fraud detection and analytics
* Implement comprehensive observability using Open Telemetry across identity services
* Write clean, tested code in Node.js, Type Script, and Python following engineering best practices and team standards
* Collaborate with frontend engineers, security teams, and data scientists to deliver solutions that drive real outcomes
* Participate in architectural decisions, technical design reviews, and code reviews
* Build and maintain infrastructure-as-code for identity platform components using Terraform
* Monitor, troubleshoot, and optimize platform performance, reliability, and security posture
* Contribute to documentation, runbooks, and knowledge sharing across the team
* Experiment with emerging technologies and propose innovations that enhance platform capabilities
* Mentor team members and contribute to a culture of continuous learning and improvement
* Work in an agile environment with sprint planning, story elaboration, and iterative delivery### The Skills You Bring
*
* Minimum…