Join our Customer identity & access management engineering team as a full-stack engineer focused on CIAM using IBM Security Verify. You’ll help build secure, customer-friendly authentication and authorization experiences across our digital channels, working with Node.js and React under guidance from senior engineers.
Implement and maintain CIAM features: registration, login, MFA, account recovery, consent, and profile management using IBM Security Verify.
Build and update Node.js/TypeScript APIs and microservices (Express or NestJS) for auth and user profile flows.
Develop React components/pages for authentication UX (hosted pages and embedded widgets) with accessibility and performance in mind.
Integrate with IBM Security Verify: configure applications, policies, user directories, branding, and hooks; assist with SSO and social login setups.
Apply standards and best practices for OAuth 2.0, OIDC, and JWT (including PKCE) across web and mobile flows.
Implement secure session and token handling; contribute to CSRF/XSS/CORS mitigations and secure cookie management.
Write tests (unit/integration/e2e) and participate in code reviews; document features and runbooks.
Support CI/CD pipelines, environment configuration, and monitoring for identity services.
Troubleshoot issues, triage bugs, and assist in root-cause analysis with senior guidance.
1–2 years of software development experience (internships/co-ops included) or strong project-based portfolio.
Proficiency in JavaScript/TypeScript, Node.js (Express/NestJS), and React (Hooks, Context; basic state management).
Basic understanding of OAuth 2.0, OIDC, JWT, and web auth flows (authorization code + PKCE).
Familiarity with REST APIs, JSON, and front-end routing (React Router or Next.js).
Knowledge of core web security concepts: XSS, CSRF, CORS, secure cookies.
Experience with Git and CI/CD basics (GitHub Actions, GitLab CI, or Azure DevOps).
Strong problem-solving, willingness to learn, and attention to detail.
Exposure to IBM Security Verify (CIAM) configuration: apps, policies, MFA, branding, and user management.
Experience with MFA methods (TOTP, push, SMS/email) and WebAuthn/passkeys.
Understanding of accessibility (WCAG) and performance tooling (Lighthouse).
Familiarity with cloud platforms (AWS/Azure/GCP), Docker, and Terraform basics.
Experience with testing tools: Jest, React Testing Library, Cypress, Postman.
Key Learning Opportunities
Hands-on mentorship in IBM Security Verify: tenant configuration, app integration, policies, flows, and SDKs.
Secure auth design: PKCE, token lifecycles, session management, and adaptive MFA.
Building observable services (logging, metrics, alerts) and contributing to reliability.
Conversion-focused auth UX with analytics to improve registration/login funnels.
IBM Security Verify (CIAM platform)
Node.js, TypeScript, Express/NestJS
React, Next.js, React Query/Redux (as needed)
OAuth 2.0, OIDC, JWT, PKCE, WebAuthn/MFA
GitHub/GitLab, CI/CD, Docker; AWS/Azure/GCP (intro level)
Jest, React Testing Library, Cypress, Postman, OpenAPI/Swagger
Clear communication and collaboration with cross-functional teams.
Ownership of tasks, reliable delivery, and documentation habits.
When you join our team:
We’ll empower you to learn and grow the career you want.
We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
As part of our global team, we’ll support you in shaping the future you want to see.
The role being advertised is an existing vacancy.
About Manulife and John Hancock
Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html.
Manulife is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact hr@manulife.com.
Referenced Salary Location
USA, Massachusetts, Boston, 200 Berkeley StreetWorking Arrangement
Salary range is expected to be between
$90,160.00 USD - $167,440.00 USDEmployees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. If you are applying for this role outside of the primary location, please contact hr@manulife.com for the salary range for your location.
Manulife/John Hancock offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension/401(k) savings plans and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in the U.S. includes up to 11 paid holidays, 3 personal days, 150 hours of vacation, and 40 hours of sick time (or more where required by law) each year, and we offer the full range of statutory leaves of absence.
We use data and analytics technologies, such as artificial intelligence (AI), and automated processing tools, to analyze and process the information you provide to us or third parties in the application process. For more information, please refer to our personal information collection statement.
Know Your Rights I Family & Medical Leave I Employee Polygraph Protection I Right to Work I E-Verify
Company: John Hancock Life Insurance Company (U.S.A.)