Principal Software Engineer
About The Position
At eBay, we're more than a global ecommerce leader — we’re changing the way the world shops and sells. Our platform empowers millions of buyers and sellers in more than 190 markets around the world. We’re committed to pushing boundaries and leaving our mark as we reinvent the future of ecommerce for enthusiasts. Our customers are our compass, authenticity thrives, bold ideas are welcome, and everyone can bring their unique selves to work — every day. We're in this together, sustaining the future of our customers, our company, and our planet. Join a team of passionate thinkers, innovators, and dreamers — and help us connect people and build communities to create economic opportunity for all. Role Summary The Principal Engineer in the Identity Domain provides senior technical leadership for identity services across the platform. This role defines and evolves enterprise-wide identity and access management (IAM) capabilities, influencing architecture, engineering standards, and execution across multiple teams. The Principal Engineer sets technical direction for authentication, authorization, and identity federation, drives adoption of modern identity standards, and ensures identity is implemented as a consistent, secure platform capability.
Requirements
- Extensive experience designing and building identity and access management systems
- Strong knowledge of identity protocols and standards (OAuth 2.0, OIDC, SAML, SCIM)
- Experience with federated and unified identity architectures in distributed environments
- Proven ability to influence technical direction across multiple teams and platforms
Nice To Haves
- Experience with identity verification, risk-based authentication, or trust signals
- Familiarity with Zero Trust architectures and adaptive access control models
- Experience operating identity platforms at scale in regulated or security-sensitive environments
Responsibilities
- Act as the senior technical authority for identity services across platforms and teams
- Define and evolve enterprise-wide IAM architecture and engineering standards
- Design and maintain reference implementations for core identity capabilities
- Review and influence system designs and code to ensure security, scalability, and correctness
- Architect and implement OAuth 2.0, OpenID Connect (OIDC), and SAML 2.0 for SSO and federation across hybrid, multi-cloud, and SaaS environments
- Drive adoption of phishing-resistant, passwordless authentication, including FIDO2, WebAuthn, and Passkeys
- Define API authorization patterns using JWT and mTLS for service-to-service communication
- Lead the transition to adaptive, context-aware authorization models (RBAC/ABAC) aligned with Zero Trust principles
- Define and implement automated identity lifecycle management using SCIM
- Guide teams on unified and federated identity constructs and cross-domain trust models
- Incorporate global trends in identity and identity verification into platform design and standards
- Mentor engineers across teams, raising the bar for identity and security engineering
- Provide technical guidance to product and platform partners on identity-related decisions
- Influence roadmaps and priorities through technical leadership and domain expertise
Benefits
- a target bonus
- restricted stock units (as applicable)
- a full range of medical, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as PTO and parental leave)
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Principal
Education Level
No Education Listed
