Key Takeaways

  • 75% of U.S. employers use automated applicant tracking systems to screen resumes before a human reviews them (Harvard Business School & Accenture, 2021)
  • The most common ATS failures are missing keywords, incompatible formatting, and incorrect file types
  • ResumeGeni scores your resume across 8 parsing layers — modeled on the same steps enterprise ATS platforms like Workday, Greenhouse, and Taleo use to evaluate candidates

How ATS Resume Scoring Works

Applicant tracking systems parse your resume into structured data — extracting your name, contact info, work history, skills, and education — then score how well that data matches the job requirements. Many ATS rejections happen because the parser couldn't extract critical fields, not because the candidate wasn't qualified.

LayerWhat It ChecksWhy It Matters
Document extractionFile format, encoding, readabilityCorrupted or image-only PDFs fail immediately
Layout analysisTables, columns, headers, footersMulti-column layouts break field extraction
Section detectionExperience, education, skills headingsNon-standard headings cause sections to be missed
Field mappingName, email, phone, dates, titlesMissing contact info is a common cause of immediate rejection
Keyword matchingJob-specific terms, skills, certificationsKeyword overlap affects recruiter search visibility and ATS scoring
Chronology checkDate ordering, gap detectionReverse-chronological order is expected by most ATS
QuantificationMetrics, numbers, measurable outcomesQuantified achievements help human reviewers and some scoring models
Confidence scoringOverall parse quality and completenessLow-confidence parses get deprioritized in results

Frequently Asked Questions

Is ResumeGeni free?
Yes. ResumeGeni is currently in beta — ATS analysis, scoring, and initial improvement suggestions are free with no signup required. Full guidance and saved reports may require a free account.
What file formats are supported?
PDF, DOCX, DOC, TXT, RTF, ODT, and Apple Pages. PDF and DOCX are recommended for best ATS compatibility.
How is the ATS score calculated?
Your resume is processed through an 8-layer parsing pipeline that extracts structured data the same way enterprise ATS platforms do. The score reflects how completely and accurately your resume can be parsed, plus how well your content matches common ATS ranking criteria.
Can ATS read PDF resumes?
Yes, but not all PDFs are equal. Text-based PDFs parse well. Image-only PDFs (scanned documents) and PDFs with complex tables or multi-column layouts often fail ATS parsing. Our analyzer will flag these issues.
How do I improve my ATS score?
Focus on three areas: use a clean single-column format, include keywords from the job description naturally in your experience bullets, and ensure all sections (contact, experience, education, skills) use standard headings.

ATS Guides & Resources

Built by engineers with 12 years of experience building enterprise hiring technology at ZipRecruiter. Last updated .

Sr. Fullstack Engineer - Identity Platform

Zapier · NAMER

AI at Zapier

At Zapier, we build and use automation every day to make work more efficient, creative, and human. So if you’re using AI tools while applying here - that’s great! We just ask that you use them responsibly and transparently.

Check out our guidance on How to Collaborate with AI During Zapier’s Hiring Process, including how to use AI tools like ChatGPT, Claude, Gemini, or others during our hiring process - and when not to.


Job Posted: March 17, 2026

Location: Americas - North, Central and South America

Zapier's mission is to enable enterprise companies to build and maintain dependable AI workflows at scale. The Identity Platform team builds the golden path that every product team uses to deliver reliable, consistent, and secure experiences to these customers. Authentication, session management, and credential infrastructure are the foundation. Get them right, and every product team ships faster with confidence. We're hiring a Senior Fullstack Engineer to own this foundation, drive the strategic and architectural direction of this layer for years to come, and directly unlock our largest enterprise deals.

What you'll work on

  • Enterprise authentication infrastructure. You'll design and extend the systems that handle SAML SSO, SCIM provisioning, OAuth/OIDC flows, multi-factor authentication, login, sign-up, and secure session for organizations with thousands of users. That spans the full auth surface: SCIM-driven user provisioning and de-provisioning, invitation flows, 2FA setup, SSO-enforced login, domain capture for auto-routing new signups, and session hardening. Reliability, latency, and efficiency are non-negotiables; auth is the most critical-path system at the company. You'll make these systems faster, more resilient, and easier for other teams to integrate with.

  • User session auth across services. Zapier is a multi-service platform. You'll own how user sessions propagate across service boundaries; making sure authentication context is consistent, secure, and performant whether a request hits the monolith, a Node.js service, or a Go microservice. You'll evolve JWT validation, token exchange, and session tracking to handle the complexity of a growing service footprint.

  • Enterprise authentication controls and compliance. Enterprise customers need org-level authentication policy enforcement: forced SSO, domain capture, admin-managed authentication requirements, and credential lifecycle controls like JWT key rotation, token refresh, and session expiry policies. You'll build and extend the APIs that give admins confidence their organization meets their security standards. SOC 2 access control evidence, GDPR data subject requests, and audit trail requirements are design constraints you'll work within regularly, not afterthoughts.

  • Platform APIs that other teams depend on. Identity is infrastructure. Your APIs, libraries, and contracts are consumed by dozens of teams. You'll design for backward compatibility, clear documentation, and low integration friction. But shipping the API is half the job. You'll also drive adoption: writing integration guides, running migration paths, and embedding with product teams to help them use auth capabilities correctly. Internal engineering teams' needs carry the same weight as end-customer value.

Level

This is a Senior Engineer role. Senior engineers at Zapier own outcomes end-to-end within their team and extend impact beyond it. You'll coordinate across ownership boundaries, shape technical direction for adjacent systems, and bring other engineers along with you.

Our level definitions may look different from what you've seen elsewhere. We'll be transparent about leveling before you reach the final stages.

About you

  • You've set the vision and built identity systems for enterprise SaaS at scale. Not configured them, built them. You have hands-on experience with SAML, SCIM, OAuth/OIDC, or JWT in a multi-tenant SaaS environment. You understand authentication at a protocol level, not a checkbox level. You've dealt with token replay, session fixation, key rotation under load, multi-IdP federation, just-in-time provisioning, or identity linking across auth methods in real systems serving real users. You know what breaks when an organization with 5,000 employees connects their IdP to your platform for the first time. You are a thought leader in the Identity domain who proactively follows industry trends and Enterprise user management best practices.

  • You work through AI agents, not alongside them. Your daily development workflow is built around directing and reviewing agent-written code, not writing it by hand. You have opinions about which models to use for which tasks, you've hit real failure modes and built mitigations, and your workflow is actively evolving. When you hit unfamiliar territory, you don't slow down; you point your agent at the codebase, research the domain, and draft a plan. Then you build a POC or working prototype to demonstrate the concept in hours, not iterate on a planning doc for days. You jump into unfamiliar codebases, use your agent to map the landscape, and ship draft MRs or integration proposals within days. At this level, that means going into other teams' code when an integration is blocked, not waiting for their capacity. Bonus: you enable others on your team to work this way too.

  • You think in platforms, not features. You've built systems other engineering teams depend on. You know what it means to ship a breaking change to an internal API, maintain backward compatibility under pressure, and write contracts that hold up as the organization scales. You understand the cost of coupling and the discipline of good boundaries.

  • You're comfortable across the stack. This is a fullstack role on a platform team. You'll write backend services in Python and Node.js, work with Django and Fastify, touch React when building admin tooling or developer-facing UIs, and navigate infrastructure concerns like Kubernetes, Terraform, and CI/CD pipelines. You don't need to be an expert in all of these, but you can't be afraid of any of them.

  • You believe enterprise can move fast, and you ship through ambiguity to prove it. You've seen (or want to prove) that shipping to enterprise customers doesn't have to mean slow, waterfall-style cycles. When there's no spec, no designs, and no clear path forward, your first instinct is to gather evidence, break the problem into a narrow first slice, and get rough working software into production within days, not weeks. You use working prototypes to drive alignment rather than waiting for consensus. You see compliance, security, and rollout considerations as interesting design constraints, not reasons to slow down. You're comfortable throwing work away when direction changes and you treat discarded work as a fast learning loop, not a loss.

  • You work close to the customer. "Customer" for this team means both enterprise buyers evaluating Zapier's security posture and internal engineering teams integrating with your APIs. You pull from both; reviewing customer security questionnaires, sitting in on enterprise calls, reading support tickets, and talking directly to engineers who consume your platform. You’ll also work closely with customer support teams to provide them with the tools and processes to troubleshoot customer issues and incidents.

  • You own your work, yourself, and your communication. You take initiative without waiting for permission and ship fast and share early. You manage up and across in an async-first culture, flagging risks, surfacing decisions, and keeping stakeholders informed without being asked. You use written artifacts, working demos, and rough prototypes as your primary communication tools, not meetings. You also own your mistakes, your gaps, and your role in friction, openly. You say "I don't know" and "I was wrong" out loud, early, and without shame.

Things you'll do

  • Design and maintain authentication and session systems (SAML, SCIM, OAuth/OIDC, MFA, login, sign-up, 2FA, user provisioning) as Zapier scales to larger and more security-conscious customers

  • Own user session propagation and JWT validation across a multi-service architecture spanning Python, Node.js, and Go

  • Build enterprise authentication controls and governance APIs: forced SSO, domain capture, credential lifecycle, admin authentication policies

  • Build and maintain platform libraries consumed by dozens of internal teams

  • Treat reliability, latency, and efficiency of auth systems as non-negotiables; build the monitoring, observability, and audit logging to back that up

  • Respond to authentication-related incidents and participate in on-call rotation

  • Enable Security, Enterprise Response, and product team partners to move faster by removing auth bottlenecks and proactively surfacing what they need

  • Join yearly company retreats that rotate to various cities throughout North America

Application Deadline:

The anticipated application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later, or if the position is filled.

Even though we’re an all-remote company, we still need to be thoughtful about where we have Zapiens working. Check out this resource for a list of countries where we currently cannot have Zapiens permanently working.

View full listing