Principal Software Engineer - Authorization Platform

PointClickCare•Mississauga, ON

7d•CA$156,000 - CA$174,000•Hybrid

About The Position

At PointClickCare, we are a leading health tech company dedicated to helping providers deliver exceptional care through innovative technology. As a founder-led and privately held organization, we foster an environment where employees can push boundaries, innovate, and shape the future of healthcare. Our platform serves over 30,000 provider organizations, impacting millions of lives with the largest long-term and post-acute care dataset and a marketplace of over 400 integrated partners. We are recognized by Forbes as a top private cloud company and by Canada's Most Admired Corporate Cultures. We empower our people to be the architects of a smarter, human-first healthcare future, accelerated by AI. Employees leverage AI as a catalyst for creativity, productivity, and thoughtful decision-making, enhancing collaboration and improving outcomes. Our hiring practices focus on uncovering AI expertise, and we invest in continuous training and development to nurture innovation. This role is part of a high-impact team transforming healthcare through technology. Our platform connects fragmented clinical systems to enable real-time care coordination across thousands of healthcare facilities, serving millions of users. The Principal Software Engineer will design and build scalable platform services, utilizing modern AI-augmented engineering practices to accelerate delivery, improve reliability, and enhance clinical and operational outcomes. This specific initiative focuses on modernizing our authorization platform, evolving how we express, evaluate, and audit access decisions across a multi-tenant healthcare SaaS environment. The role involves setting the strategy for moving from scattered, application-embedded authorization logic to a coherent, externalized authorization architecture that supports clinicians, partners, automated systems, and AI workflows.

Requirements

Strong track record building and shipping production software in modern languages (Java, Python, or similar).
Deep understanding of cloud-native architecture and distributed systems design patterns.
Expertise in design, optimization, and scaling for relational (SQL) database systems, bonus points for NoSQL database systems.
Experience designing and implementing RESTful APIs and microservices.
Proficiency with test-driven development, automated testing, and maintaining high code quality.
Hands-on experience with modern frontend frameworks, primarily React.
Working knowledge of CI/CD pipelines and infrastructure-as-code practices.
Experience with production observability, monitoring, and performance optimization tools.
Deep working knowledge of authorization models — RBAC, ABAC, and ReBAC and clear judgment on where each fits.
Hands-on experience designing PDP / PEP / PIP / PAP separations, including policy decision caching, and failure-mode design (fail-open vs. fail-closed, with explicit reasoning for each surface).
Practical experience with one or more OSS authorization frameworks in production.
Strong grasp of AuthN ↔ AuthZ boundaries.
Experience authoring policy-as-code.
Awareness of how authorization is evolving for AI agents and autonomous systems — comfortable reasoning about non-human principals, delegated authority, ephemeral identity, and the limits of current standards in agentic contexts.
Comfortable using AI-augmented development tools (e.g., GitHub Copilot, Claude Code) as part of your workflow.
Experience applying AI tools throughout the development lifecycle from requirements analysis, documentation to incident response.
Strong code review skills demonstrated through giving and receiving constructive feedback.
Experience with Git workflows and collaborative development practices.
Ability to balance feature delivery with system reliability and technical excellence.
Comfortable with on-call responsibilities and incident response.

Nice To Haves

Experience building and scaling SaaS platforms.
Track record of mentoring engineers or leading technical initiatives.
Background with Spring Boot and Java ecosystem.
Experience with Azure cloud services and Kubernetes (AKS).
Experience in healthcare technology or regulated industries.
Understanding of HIPAA compliance and handling sensitive data.

Responsibilities

Build robust platform services supporting clinical operations.
Partner with product and clinical teams to understand and solve real workflow challenges.
Drive architectural decisions for business platform services.
Own the reliability and performance of critical healthcare solutions.
Mentor team members on modern engineering practices.
Lead the design and rollout of an externalized authorization platform spanning RBAC, ABAC, and ReBAC models, choosing the right model for each domain (clinical data, administrative actions, cross-tenant sharing, etc.).
Define our PDP / PEP / PIP / PAP architecture, including policy authoring, distribution, caching, and decision logging for audit.
Extend our current homegrown authorization solution and, where it makes sense, augment it with reputable OSS frameworks as pragmatic evolution over rip-and-replace.
Partner with security, compliance, and product to translate HIPAA, consent, and least privilege requirements into enforceable policy.
Establish patterns for extending authorization to AI agents and automated actors (scoped credentials, delegated authority, human-in-the-loop approvals).