Staff Software Engineer, Identity & Access Management
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Staff Software Engineer, Identity & Access Management based in United States.
This role offers the opportunity to define and shape the security foundation of a complex technology platform through advanced identity and access management solutions.
You will serve as a technical authority, designing scalable authentication and authorization systems that protect critical applications and data.
The position combines software engineering leadership, security expertise, architecture ownership, and cross-team collaboration.
You will build core IAM services, establish engineering standards, and solve challenging infrastructure problems in a security-focused environment.
The ideal candidate brings deep distributed systems experience, strong identity expertise, and the ability to influence technical direction across teams.
This is a high-impact opportunity to help create secure, reliable platforms while mentoring engineers and raising engineering standards.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Staff Software Engineer, Identity & Access Management based in United States.
This role offers the opportunity to define and shape the security foundation of a complex technology platform through advanced identity and access management solutions.
You will serve as a technical authority, designing scalable authentication and authorization systems that protect critical applications and data.
The position combines software engineering leadership, security expertise, architecture ownership, and cross-team collaboration.
You will build core IAM services, establish engineering standards, and solve challenging infrastructure problems in a security-focused environment.
The ideal candidate brings deep distributed systems experience, strong identity expertise, and the ability to influence technical direction across teams.
This is a high-impact opportunity to help create secure, reliable platforms while mentoring engineers and raising engineering standards.
Accountabilities
- Own the technical architecture and long-term strategy for authentication and authorization systems across the platform, ensuring security, scalability, and maintainability.
- Design, build, and evolve identity infrastructure using modern identity provider technologies, including federation, single sign-on (SSO), token management, and multi-tenant identity workflows.
- Develop and maintain authorization systems using fine-grained access control models such as Relationship-Based Access Control (ReBAC), ensuring consistent and secure permissions across services.
- Build IAM-related services, including directory services, user management systems, and integrations that extend core identity capabilities.
- Establish and promote authentication and authorization standards, patterns, and best practices across engineering teams.
- Partner with technical leaders to translate security and business requirements into actionable technical roadmaps and implementation plans.
- Lead project planning, technical scoping, estimation, and execution for complex IAM initiatives.
- Identify and resolve technical risks, performance challenges, security gaps, and architectural limitations within identity systems.
- Participate in architecture reviews and help improve engineering quality across the organization.
- Mentor senior engineers by sharing expertise in software architecture, identity protocols, security patterns, and engineering practices.
- Contribute to the development of secure, reliable, and scalable distributed services from design through production operations.
- Extensive experience as a Staff or Senior Software Engineer building platform, infrastructure, or distributed systems.
- Strong understanding of identity and access management concepts, including authentication, authorization, identity providers, and secure access patterns.
- Hands-on experience with authentication protocols such as OAuth 2.0, OpenID Connect (OIDC), and SAML.
- Proven ability to design, build, and deliver production-grade services across the full software development lifecycle.
- Experience with identity platforms such as Keycloak or similar solutions is preferred, with the ability and willingness to develop deep expertise in IAM technologies.
- Knowledge of authorization models including ReBAC, RBAC, and ABAC, with experience applying secure access control principles.
- Strong architectural judgment and ability to drive technical decisions across multiple teams.
- Experience breaking down ambiguous initiatives, estimating complex projects, and creating realistic execution plans.
- Strong communication skills with the ability to explain complex security and technical concepts to both technical and non-technical audiences.
- Proficiency in modern software engineering practices, including API design, service decomposition, testing strategies, and CI/CD workflows.
- Experience working with Kubernetes, containerized environments, and modern infrastructure platforms.
- Familiarity with self-hosted or on-premises infrastructure environments is a plus.
- Experience working in security-sensitive or compliance-focused environments such as government, defense, regulated industries, or standards-driven organizations is preferred.
- Ability to operate effectively in ambiguous environments while creating clarity and driving progress.
- Competitive base salary range of $185,000 - $260,000 USD.
- Equity stock options with additional performance-based grant opportunities.
- Annual bonus opportunities tied to company performance and individual contributions.
- Comprehensive medical, dental, and vision insurance starting on day one.
- Company-supported mental health resources, counseling, and coaching programs.
- 401(k) retirement plan with company matching contributions.
- Unlimited vacation and dedicated health and wellness days.
- Paid parental leave to support employees and families.
- Employee referral rewards ranging from $1,500 - $3,500 for qualified hires.
- Wellness benefits, including fitness program support and equipment discounts.
- LinkedIn Learning membership and continuous professional development opportunities.
- Monthly team connection reimbursements to support remote collaboration.
- Additional perks including legal plan coverage, pet insurance, and wellness reimbursements.
- Fully remote work environment with opportunities to collaborate across distributed teams.