IAM Engineer (ID Platform Group, Money Forward Cloud)

Overview

About the Business Platform Development Division, ID Platform Group
Our team is primarily responsible for the development of services such as authentication/authorization, tenant management, and audit log platform. We work closely with each product team of Money Forward Cloud and the other engineering teams to maximize the value as a common platform.

Background
Our team is responsible for the development and operation of "Money Forward ID" and "EIAM," which are mission-critical common platform supporting the entire Money Forward group.

This system is an authentication/authorization platform that supports over 30 products across the group and is a large-scale distributed system processing tens of millions of requests per day. We are looking for senior-level or higher engineers who can technically lead the evolution of the platform with expertise in Identity and Access Management (IAM), embodying "Platform Engineering" that improves the development experience and security standards of the entire group, beyond just single product development.

Tech Stack and Environment
Ruby and Kotlin are used as the main languages for the backend. We welcome those who have deep expertise in one and are willing to learn and utilize the other in practice.
The team consists of Japanese and multinational members, and daily communication and business operations are mainly conducted in English.

About Money Forward ID
Money Forward ID (MFID) is a group-wide IdP that supports over 30 products cross-functionally. It complies with OIDC (OpenID Connect) and provides the entire group with robust security and seamless identity linkage to meet diverse authentication needs.

Responsibilities and Duties

As an IAM Engineer, you will be responsible for the design and implementation of Money Forward's ID platform, next-generation multi-tenant management platform, and related applications.
In addition, you will provide technical advisory and leadership to engineering teams in promoting the introduction of ID platform to group companies and the tenant migration process.
We expect you to leverage your experience in operating large-scale services in production environments to propose improvements and make proactive decisions to provide a highly reliable and available platform.

• Design, development, and maintenance of Money Forward ID
• Technical and legal consulting for products within the group
• Leading ID integration and migration processes between products
• Research and implementation of the latest authentication/authorization technologies (Passkey, etc.)
• Strengthening security and governance in the authentication platfrom

Stakeholders Involved
Product teams, platform teams, group companies, CISO, Legal, CS, etc.

Current Challenges and Expected Role
You will be required to expand the platform through coordination with diverse stakeholders, such as compliance design with Legal, improvement of user experience in collaboration with CS, and ID integration processes with each product team, not limited to just ID platform development.

Leveraging your knowledge in the authentication/authorization domain, we would like you to lead the development of platform services that will support the next 10 years from both technical and business perspectives.

Why Join Us?

• Experience in cross-product platform engineering
  • As a common platform supporting each service of Money Forward Cloud (accounting, attendance, HR management, etc.), you can be involved in development with a broad overview of the group's business areas without being tied to a specific domain. It has an aspect of platform engineering to improve the development productivity of each product team through the improvement of common platform, and in the process of designing how each product links with the ID platform, you can gain experience in understanding multiple service specifications cross-functionally.
• Technical challenges and responsibilities in a large-scale ID platform
  • As a foundation supporting 17.5 million accounts, you will be entrusted with the consideration and leadership of technology selection and architecture looking ahead to the next 10 years.
  • You can gain design experience to balance performance and reliability in a system that requires constant stable operation while achieving large-scale and high availability.
  • In addition, by continuously performing technical updates in the authentication/authorization field through the introduction of new authentication technologies such as Passkeys, you can implement a "passwordless future" with your own hands.
• Development in a multinational team environment
  • The development team is composed of multinational members and routinely collaborates with overseas development bases. It is an environment where you can practice standard development practices through communication in English and joint development with engineers from diverse backgrounds.

Required Skills and Experience

• Experience with authentication systems or identity providers (OpenID Connect (OIDC), OAuth, SAML, SSO, SCIM).
• Extensive experience with Kotlin or Ruby.
• Experience in database design and modeling.
• Experience in designing and deploying cloud infrastructure.
• 7+ years of experience in web application development.
• Bachelor’s degree or higher in Computer Science, Engineering, or a related technical field.
• Ability to relocate to Japan and work from the Tokyo office at least twice a week.

Preferred Skills and Experience

• Experience in administration and operation of identity providers such as Okta, Azure AD, or Entra ID.
• Experience in Identity and Access Management (IAM) consolidation or ID platform integration.
• Data engineering experience, including ETL pipelines, data processing jobs, or database management.
• Experience in system architecture design.
• Experience in microservices development.
• Experience in DevOps or Site Reliability Engineering (SRE).
• Experience in container-based development (e.g., Docker, Kubernetes).
• Experience in AI development and/or experience in using AI tools to improve development processes.
  • Money Forward recently announced our AI Strategy roadmap which focuses on improving AI-driven operational efficiencies, as well as integrating AI agents into our products to deliver better value to our users.

Language Requirements

• English: Business-level
  • TOEIC 700 or higher + a level capable of handling meetings and text communication in English immediately after joining
  • Evidence of English proficiency other than TOEIC is also acceptable.
• Japanese: Not required but a willingness to learn is preferred.
  • English is primarily used in our development environment. However, there are a few situations and tasks where communicating in Japanese is necessary.
  • We would like to encourage individuals who are currently learning Japanese or have a strong desire to learn to join our team.

Technology Stack

• Backend: Ruby on Rails, Ruby, Kotlin, GraphQL, gRPC
• Middleware: MySQL, Kafka, Redis
• Infrastructure: AWS, Docker, Kubernetes, Terraform, Datadog
• Collaboration Tools: Slack, GitHub, Jira, Notion

Work Environment

At Money Forward, we provide an environment where we can create world-class services together, and we are looking forward to welcoming you.

• Provided PC Specs: We provide PCs equipped with the latest CPUs (MacOS or Windows). Custom-made PCs tailored to business requirements and replacements with the latest OS are also possible.
• Systems to Enhance the Development Environment: Peripheral devices necessary for work (such as displays, mice, keyboards) can be purchased as office supplies. Generally, you can choose from standard products (catalog), and if conditions are met, you can apply for non-standard products as well.
• Money Forward Library: We have a library system where you can freely borrow books, ranging from technical books to management books. Desired books can be purchased at the company's expense.
• Referral Driven: We cover the cost of recruitment meals. There is a referral reward system.
• Conference Participation Support: The company partially covers participation in domestic and international conferences, such as RubyKaigi and Google I/O.