Principal Full Stack Engineer-IAM

We are looking for Full stack developer with Identity and Access Lifecycle management experience, with 5+ years of relevant experience, capable of delivering enterprise solutions.  Technically, you will be comfortable working using Agile methodologies in a Scrum/SAFe environment, and have proven experience designing, building and managing enterprise application with modern authentication capabilities for Cloud and self-hosted applications.

You will be working towards improving the maturity of IAM capabilities within GSK driving security and user experience.

Your responsibilities include:

• Design, development and implementation of the IAM related business process.

  
  
  

• The role involves contributing to the end-to-end identity and account lifecycle processes within GSK. The primary responsibilities include ensuring provisioning/ deprovisioning secure management of access to applications and resources both on-premises and in the cloud.

  
  
  

• Supporting the product owner and architects in the entire lifecycle of user identities, from provisioning and modification to de-provisioning, ensuring accurate and timely access rights.

  
  
  

• Ensure that GSK's regulatory requirements are met and continuously evolve and improve the underlying processes, strategies, and roadmap of capabilities and offerings by adopting new technologies where beneficial (such as automation, AI/ML, analytics, etc.).

  
  
  

• Assist the IAM team and be POC for compliance with authorities during test of control verification.

  
  
  

• Act as the SME for IAM technologies, including but not limited to Identity Governance and Administration (IGA), Account and Access provisioning / deprovisioning, Access reviews, Identity & Access Reporting, Integration with HR source applications, Password management.

  
  
  

• Ensure the security of IAM systems by implementing best practices and monitoring for vulnerabilities.

  
  
  

• Work with IT teams and stakeholders to understand requirements and provide technical support.

  
  
  

• Maintain comprehensive documentation of configurations, processes, and protocols.

  
  
  

• Continuously evaluate and implement new IAM technologies and best practices to enhance security and efficiency.

  
  
  

Required Skills & Qualifications:

• Overall, 8 to 11years of professional experience

  
  
  

• Education: Bachelor’s degree in computer science, Information Technology, or related discipline (or equivalent experience).

  
  
  

• Extensive hands-on experience developing and deploying enterprise Identity and Access Management (IAM) applications using Next.js for front-end and NestJS (or Express/Nest hybrid) for back-end services.

  
  
  

• Strong experience in designing and implementing GraphQL APIs, including schema design, resolvers, performance optimization, security, and observability is required.

  
  
  

• Practical expertise with GraphQL Federation (Apollo Federation or equivalent) to compose and operate a federated GraphQL graph across multiple services and teams.

  
  
  

• Proven ability to design GraphQL schemas that meet complex enterprise IAM data and workflow requirements and to implement resolvers that integrate data from Active Directory/Entra ID, LDAP, relational and NoSQL databases, and REST/SOAP endpoints.

  
  
  

• Experience applying security guardrails within GraphQL (query depth/complexity limits, persisted queries, authorization at field/resolver level, input validation, and rate limiting).

  
  
  

• Advanced TypeScript expertise across full-stack development, with experience building and deploying TypeScript services in cloud serverless or containerized environments (Azure, or similar).

  
  
  

• Skilled at designing abstraction layers and clear boundaries that simplify complex IAM systems and isolate business logic for maintainability and testability.

  
  
  

• Experience orchestrating cross functional IAM business processes to provide seamless end to end workflows across enterprise systems and stakeholders.

  
  
  

• Strong debugging and troubleshooting skills for distributed systems, GraphQL APIs, and serverless/containerized deployments.

  
  
  

• Solid understanding of testing strategies (unit, integration, contract, end to end) and traceability practices through testing and release cycles.

  
  
  

• Proficient using GitHub and Azure DevOps for version control, CI/CD pipelines, and deployment automation.

  
  
  

• Deep knowledge of enterprise IAM concepts, security posture, compliance requirements, and audit readiness.

  
  
  

• Experience working with relational and NoSQL databases commonly used in enterprises (Azure SQL, IaaS SQL, Oracle, etc.).

  
  
  

• Familiarity with application security best practices and tools to protect enterprise systems and APIs.

  
  
  

• Excellent verbal and written communication skills to translate technical concepts to non technical stakeholders and auditors.

  
  
  

• Strong understanding of audit and regulatory compliance, and experience engaging with compliance teams and authorities.

  
  
  

• Demonstrated experience integrating IAM systems with LDAP, Entra ID and Active Directory (AD).

  
  
  

• Familiarity with cloud IAM offerings and identity features on Microsoft Azure and other cloud providers.

  
  
  

• Soft skills: strong problem-solving ability, collaborative/team-oriented mindset, and effective stakeholder communication.

  
  
  

Preferred Qualifications:

• Proficiency in TypeScript and JavaScript for automation and service development; familiarity with .NET is a plus for cross-ecosystem integrations.

  
  
  

• Strong front-end experience with Next.js, React, and modern front-end tooling (HTML, CSS, TypeScript) to build secure admin and self-service IAM interfaces.

  
  
  

• Hands on experience building and maintaining GraphQL clients (Apollo Client or similar) and implementing client-side caching and performance strategies.

  
  
  

• Experience authoring automated unit, integration and contract tests for GraphQL services and performing static/dynamic code analysis.

  
  
  

• Expertise implementing CI/CD pipelines for GraphQL and Node/NestJS applications using GitHub Actions, Azure DevOps, or equivalent tooling.

  
  
  

• Experience deploying, managing and monitoring applications in cloud environments such as Microsoft Azure or Google Cloud Platform.

  
  
  

• Prior experience in centralized IT teams within highly regulated industries (pharmaceuticals, financial services, healthcare) is highly desirable.

  
  
  

• Experience establishing governance, security, and operational frameworks for AI/automation solutions; familiarity with design principles for safe, auditable automation (including Agentic AI concepts) is a plus.

  
  
  

• Familiarity with business process automation patterns and tooling used alongside IAM (workflow engines, event-driven architectures, service meshes).

  
  
  

Why GSK?

Uniting science, technology and talent to get ahead of disease together.

GSK is a global biopharma company with a purpose to unite science, technology and talent to get ahead of disease together. We aim to positively impact the health of 2.5 billion people by the end of the decade, as a successful, growing company where people can thrive. We get ahead of disease by preventing and treating it with innovation in specialty medicines and vaccines. We focus on four therapeutic areas: respiratory, immunology and inflammation; oncology; HIV; and infectious diseases – to impact health at scale.

People and patients around the world count on the medicines and vaccines we make, so we’re committed to creating an environment where our people can thrive and focus on what matters most. Our culture of being ambitious for patients, accountable for impact and doing the right thing is the foundation for how, together, we deliver for patients, shareholders and our people.

Inclusion at GSK:

As an employer committed to Inclusion, we encourage you to reach out if you need any adjustments during the recruitment process.

Please contact our Recruitment Team at IN.recruitment-adjustments@gsk.com to discuss your needs.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way.

GlaxoSmithKline does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection with recruitment with any GlaxoSmithKline (or GSK) group company at any worldwide location. Even if they claim that the money is refundable.

If you come across unsolicited email from email addresses not ending in gsk.com or job advertisements which state that you should contact an email address that does not end in “gsk.com”, you should disregard the same and inform us by emailing askus@gsk.com, so that we can confirm to you if the job is genuine.