Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
https://bayt.page.link/nKS4RbbsLzZGnRvz5
Back to the job results

Staff Software Engineer — Identity & Access Management

12 hours ago 2026/10/29
Other Business Support Services
Create a job alert for similar positions
Job alert turned off. You won’t receive updates for this search anymore.

Job description

We're looking for a Staff Engineer to join our Identity & Access Management (IAM) platform team. This is an individual contributor role with outsized technical scope: you'll be the technical anchor for how Xsolla builds secure, high-scale auth infrastructure — setting direction, making hard architectural calls, and raising the bar across the org.


You will own the strategy behind authentication, authorization, and session management at scale, and evolve our OAuth 2.0 / OIDC flows and token lifecycle to meet both product and compliance needs. You operate with significant autonomy, but your decisions ripple across teams — so you'll spend real time building buy-in with engineering and security stakeholders, not just designing in isolation.


You are technically deep, calm under pressure, and comfortable being the escalation point when production IAM issues get hard. You write the RFCs and design docs that people actually read, and you create leverage for the broader engineering org through documentation, tooling, and mentorship — without needing a management title to do it.





Responsibilities


  • Own IAM Architecture & Strategy — Own the technical strategy and architecture of our IAM platform, covering authentication, authorization, and session management at scale.
  • Design Auth Protocols — Design and evolve our OAuth 2.0 / OIDC flows, token lifecycle, and security primitives to meet both product and compliance requirements.
  • Drive Cross-Team Technical Decisions — Drive decisions on protocol design, data modeling, and platform reliability, and build buy-in across engineering and security teams.
  • De-Risk Proactively — Identify systemic risks and performance bottlenecks; lead initiatives to resolve them before they become incidents.
  • Set Engineering Standards — Define engineering standards, review critical code and designs, and create leverage for the team through documentation, tooling, and mentorship.
  • Align with Stakeholders — Collaborate with product, security, and infra teams to align on roadmap and translate business needs into well-scoped technical plans.
  • Own Production Escalations — Serve as the go-to escalation point for complex production issues in the IAM domain.


Requirements


Identity & Security


  • OAuth 2.0 / OIDC Depth — Deep understanding of OAuth 2.0, OIDC, and related auth flows: authorization code + PKCE, client credentials, device flow, token introspection, refresh strategies.
  • Web Security Fundamentals — Solid grasp of cookie security, CSRF, XSS, token storage, TLS, and secure session management.
  • Production IAM Experience — Experience designing or operating production-grade IAM or auth systems.

Backend Engineering


  • Go Engineering — Strong Go (Golang) engineering skills: idiomatic code, concurrency patterns, performance profiling.
  • Distributed Systems — Experience with distributed systems and their trade-offs (consistency, availability, failure modes).

Data & Infrastructure


  • PostgreSQL — Schema design, query optimization, migrations at scale.
  • Kubernetes — Deploying, operating, and debugging services in a k8s environment.
  • Message Streaming — Kafka or NATS — event-driven patterns, consumer groups, at-least-once delivery.
  • Git & CI/CD — Git and modern CI/CD practices.

Leadership


  • Cross-Team Initiative Leadership — Proven ability to lead multi-quarter technical initiatives across teams.
  • Architectural Influence — Track record of influencing architecture and standards beyond your immediate team.
  • Written & Verbal Communication — You write RFCs and design docs that people actually read.



Nice to Have


  • Hands-on experience with the Ory ecosystem (Hydra, Kratos, Keto) — operating it in production or building on top of its APIs
  • Experience with CockroachDB or other distributed SQL databases (multi-region deployments, clock skew handling, survivability trade-offs)
  • Familiarity with compliance requirements relevant to IAM: SOC 2, ISO 27001, GDPR data minimization, audit logging
  • Contributions to open-source security or identity projects
  • Experience building or integrating with SCIM, SAML, or enterprise SSO (LDAP / Active Directory)
  • Background in platform or infrastructure engineering — building systems other engineers build on top of
  • Hands-on, up-to-date experience with modern AI tools (e.g. Claude, Copilot, Cursor) for code generation, review, and accelerating day-to-day engineering work


This job post has been translated by AI and may contain minor differences or errors.
You’ve reached the maximum limit of 15 job alerts. To create a new alert, please delete an existing one first.
Job alert created for this search. You’ll receive updates when new jobs match.
Are you sure you want to unapply?

You'll no longer be considered for this role and your application will be removed from the employer's inbox.