Raiffeisen Bank is the largest Ukrainian bank with foreign capital. For more than 30 years, we have been creating and building the banking system of our country.
Raiffeisen employs more than 5,000 employees, including one of the largest product IT teams, which includes 900+ specialists. Every day, we work side by side so that more than 2.5 million of our clients can receive quality service, use the bank’s products and services, and develop their business, because we are #TogetherWithUkraine.
We are looking for a Senior Golang Developer to own and evolve our authorization platform within the Product Security team. You will be playing a vital role for our access control infrastructure — designing authorization architectures, driving technical decisions, and ensuring our platform scales securely across the organization. We encourage leveraging AI-powered tools to accelerate development and improve efficiency.
Your future responsibilities:
Own the architecture of the authorization platform end-to-end — from design through production operations
Design and implement sidecar-based authorization mechanisms and policy enforcement engines
Define authorization models (RBAC, ABAC, ReBAC) and translate business requirements into enforceable policies
Drive technical decisions on authorization infrastructure — evaluate, select, and integrate tools (OpenFGA, OPA, SpiceDB, etc.)
Design token exchange and delegation flows (OAuth 2.0 OBO, Keycloak token exchange) for multi-service authorization
Collaborate with platform, security, and product teams to define access control policies and architectural standards
Mentor and enable other engineering teams on secure authorization patterns and integration best practices
Own CI/CD pipelines and infrastructure as code for authorization services — ensuring reliability, observability, and fast delivery
Lead incident response for authorization-related issues — troubleshoot, resolve, and drive root-cause improvements
Contribute to technical strategy — ADRs, RFCs, technical documentation, and knowledge sharing across teams
Leverage AI tools and automation to accelerate development, reduce toil, and improve code quality
Your skills and experience:
Technical Skills:
5+ years of professional Golang development
Expert-level understanding of Go concurrency patterns, interfaces, and idiomatic Go
Deep knowledge of authorization models and systems (RBAC, ABAC, ReBAC, Zanzibar-style)
Hands-on experience with policy engines (OPA/Rego, OpenFGA, or similar)
Experience designing and operating sidecar-based authorization at scale
Strong understanding of OAuth 2.0 / OIDC flows, token exchange, and identity federation (Keycloak or similar IdP)
Experience with PostgreSQL and data modeling for access control
Ability to design systems for high availability, low latency, and horizontal scalability
Practical use of AI-assisted development tools (GitHub Copilot, Claude, Cursor, etc.
DevOps & Infrastructure:
Advanced Kubernetes experience (operators, CRDs, admission webhooks, troubleshooting at cluster level)
Experience designing and maintaining CI/CD pipelines (GitHub Actions)
Proficiency with ArgoCD for GitOps-based continuous delivery
Experience authoring and managing Helm charts for complex deployments
Infrastructure as code with Terraform/Terragrunt — including module design and state management
Observability setup for authorization services (metrics, tracing, alerting)
Leadership & Soft Skills:
Proven ability to make and communicate architectural decisions (ADRs, RFCs)
Experience influencing technical direction across multiple teams without formal authority
Track record of mentoring engineers and conducting knowledge transfer (workshops, documentation, pairing)
Strong ownership mindset — takes problems from identification through resolution independently
Security-first thinking — anticipates attack vectors and designs defensively
Clear communication — can explain complex authorization co


