Key skills
TypeScriptPythonAIReactFastAPIAzureJWTClerkGitSaaSCollaboration
About this role
Servant is partnering with a forward-thinking organization focused on helping teams work smarter, not harder. The Identity & Security Engineer will design and implement the identity, access, and security foundation of the Human-Led AI Orchestration Layer, ensuring secure authorization and compliance across various workflows.
Responsibilities:
- Implement and manage authentication using Clerk across frontend and backend
- Design RBAC and permission models aligned with human-led decision workflows
- Implement secure session handling, JWT validation, and token lifecycles
- Integrate identity flows with FastAPI (Python) backend services
- Support secure authentication flows in React + TypeScript frontend applications
- Ensure consistent authorization enforcement across APIs, services, agents, tools, and data access layers
- Implement best practices for OAuth2, JWT, CORS, CSRF protection, and rate limiting
- Harden APIs and identity boundaries for multi-tenant SaaS use cases
- Document identity architecture and provide knowledge transfer to the team
- Design and implement identity and permission models for AI agents, tools, and automated workflows
- Define and enforce capability-based permission scopes for agents (what actions they can take, on what data, in which contexts)
- Implement human-in-the-loop approval gates and policy enforcement points for sensitive or high-impact actions
- Prevent privilege escalation, cross-tenant access, and unauthorized tool or data usage by agents
- Design sandboxing and blast-radius containment strategies for semi-autonomous workflows
Requirements:
- Hands-on experience implementing authentication and authorization in web applications
- Strong experience with Clerk (or equivalent identity providers)
- Deep understanding of OAuth2, JWT, and session management
- Experience with FastAPI (Python) backend systems
- Frontend integration experience with React + TypeScript
- Strong security fundamentals and threat-model awareness
- Proficiency with Git and remote collaboration
- Experience with Azure deployments and DevOps workflows
- Familiarity with Infrastructure-as-Code
- Experience implementing RBAC in multi-tenant SaaS platforms
- Background securing workflow or decision-support systems