Job Specifications
Closing Date/Time: 2026-02-11, 12:00 p.m. EST
RQ10451 - Software Developer - Full Stack - Senior
In-depth development experience with JWT/JWS, PKI (X.509), OAUTH2, and SHA/SHA2.
Design, develop, and maintain digital credentials platform and services that support the full digital credentials lifecycle (issuance, holding, presentation, revocation, and status checks), using Python as a primary development language.
In-depth understanding of security and protocols such as OIDC, OIDF OpenID4VC/OpenID4VP, W3C DC-API, OAuth2, JWT/JWS(JOSE), TLS, PKI, CBOR/COSE, ECDSA P-256,Ed25519, SHA/SHA2, and RSA.
Knowledge of W3C verifiable credential data model, ISO/IEC 18013-X, ISO/IEC 23220-X (mDOC) and decentralized identifiers (DIDs).
JavaScript frameworks (React, Vue, Node.js), Python, Java, HTML5, CSS3 and similar stacks.
Start Date
2026-04-01
End Date
2027-03-31
# Of Openings
2
Office Location
222 Jarvis Street, Toronto
# Business Days
252.00
Organization
Government Services Integration Cluster
Max Extension Term(s)
1 Time
Key Responsibilities
Design, build, and maintain full‑stack components of the digital credentials platform using modern JavaScript frameworks (React, Vue, Angular), Python, Java, HTML5, CSS3 and similar stacks.
Develop and extend open source Open Wallet Foundation ACA-PY, credential exchange protocols, DID resolution services, and secure messaging workflows.
Implement credential lifecycle features—including issuance, presentation, revocation, and IETF Status List support—aligned with W3C Verifiable Credentials and decentralized identity standards.
Build secure APIs and asynchronous services to support verification flows, trust framework compliance, and interoperability across issuers, holders, verifiers, and external systems.
Apply strong security practices, implementing cryptographic operations, secure key management, and hardware‑backed storage patterns.
Ensure back‑end integrations follow best practices for authentication, authorization, encryption, and secure data exchange.
Support front‑end user interfaces and admin dashboards that interact with credential services, ensuring usability, performance, and accessibility.
Develop automated tests (unit, integration, API‑level), participate in code reviews, and uphold high engineering standards across the stack.
Collaborate closely with architects, DevOps, security specialists, and cross‑ministry stakeholders to ensure end‑to‑end functional integrity.
Document system designs, workflows, schema definitions, and operating procedures to support maintainability and knowledge sharing.
Participate in Agile ceremonies, support milestone planning, and assist in troubleshooting distributed digital credential environments.
Digital Credentials Platform Development - 40%
In-depth development experience with JWT/JWS, PKI (X.509), OAUTH2, and SHA/SHA2.
Design, develop, and maintain digital credentials platform and services that support the full digital credentials lifecycle (issuance, holding, presentation, revocation, and status checks), using Python as a primary development language.
Developing and extending Open Wallet Foundation ACA-PY agents, credential exchange protocols, DID resolution components, and secure messaging workflows.
Build and maintain credential status infrastructures, including IETF Status List implementations for revocation, suspension, and validity checking.
Develop RESTful service APIs and asynchronous service components supporting verifiable credential exchange, credential verification, trust framework compliance, and interoperability with external systems.
Implement secure interaction patterns between credential issuers, verifiers, and holders, ensuring compliance with decentralized identity standards, trust registries, and governance frameworks.
Ensure compliance with global digital identity standards and/or specifications such as W3C Verifiable Credentials, IETF, PCTF, NIST, and eIDAS.
In-depth understanding of security and protocols such as OIDC, OIDF OpenID4VC/OpenID4VP, W3C DC-API, OAuth2, JWT/JWS(JOSE), TLS, PKI, CBOR/COSE, ECDSA P-256,Ed25519, SHA/SHA2, and RSA.
Knowledge of W3C verifiable credential data model, ISO/IEC 18013-X, ISO/IEC 23220-X (mDOC) and decentralized identifiers (DIDs).
Contribute to standards adoption by evaluating new specifications (e.g., DIF, ToIP, IETF) and translating them into working production components.
Full‑Stack Development & Integration – 40%
Build user‑facing components, dashboards, or admin consoles that interface with digital credential services using modern JavaScript frameworks (React, Vue, Node.js), Python, Java, HTML5, CSS3 and similar stacks.
Integrate backend systems into broader enterprise and cross‑ministry ecosystems using REST APIs, event‑driven services, and secure messaging systems.
Contribute to containerized deployments using Docker and orchestrated environments such as Kubernetes.
Develop automated unit, integration, and API‑level tests to ensure robustness of d