Job Description
About the Team
We deliver secure, low-friction authentication for PayPal’s next-generation iOS app: login, account recovery, passkeys, session management, device trust, and strong signals for fraud defense. We work closely with security engineering and platform identity services to protect customers at global scale.
What You’ll Do (Both Levels)
• Build native iOS (Swift) authentication features end to end: login/sign-up, 2FA, account recovery, re-auth challenges, and token lifecycle.
• Integrate OAuth 2.1 and OpenID Connect with PKCE; manage tokens (access/refresh/ID), revocation, and session state.
• Implement Passkeys (WebAuthn/FIDO2), biometric auth (Face ID/Touch ID), device trust, and attestation using App Attest / DeviceCheck.
• Use Keychain and Secure Enclave for credential and key storage; enforce ATS and TLS pinning.
• Collaborate with backend identity services on protocol correctness, error surfaces, and threat mitigations.
• Build robust tests (unit, UI with XCTest/XCUITest), add analytics/telemetry, and support CI/CD (Xcode Cloud/Fastlane or similar).
• Ensure Accessibility (VoiceOver, Dynamic Type), localization, and privacy by design.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Mid-Level iOS – Minimum Qualifications
• 3–7years native iOS app development in Swift.
• Strong with iOS architecture (MVVM/MVI), Combine or async/await, dependency injection, URLSession/Alamofire.
• Production experience with OAuth 2.x/OIDC, PKCE, redirects/universal links, and token storage/refresh semantics.
• Hands-on with Keychain, Secure Enclave, LocalAuthentication (Face ID/Touch ID), and ATS.
• Experience implementing Passkeys on iOS (AuthenticationServices), including discoverable credentials and account recovery patterns.
• Testing depth with XCTest/XCUITest; performance profiling (Instruments) and memory/network optimization.
Nice to Have Skills & Experience
• Security-minded: threat modeling, replay attack mitigations, phishing-resistant UX patterns.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.