Software Engineer II - Identity & Access Management (Core Infra IO)

About The Position

Requirements

• You are a mid-level software engineer who has shipped and supported production systems, and who wants to specialize in identity, security, and platform infrastructure.
• Experienced systems builder: You have 2-5+ years of professional software engineering experience, including building and operating backend or full-stack services in production.
• Strong fundamentals & debugging skills: You are comfortable reasoning about data models, API design, concurrency, and failure modes, and you can dig through logs, metrics, and traces to identify root causes and implement systemic fixes.
• Security & identity motivated: You’re excited by authentication, authorization, and account security problems and want to deepen your expertise in areas like MFA, SSO, SCIM, OAuth, and roles/permissions.
• Platform/infra mindset: You like building reusable services and tools that other engineers rely on, including libraries, SDKs, and patterns that raise the floor for quality and security across the org.
• Ownership & collaboration: You take responsibility for outcomes, not just code. You’re comfortable driving a small project or component, coordinating with partner teams, and communicating trade-offs clearly in design docs and PRs.
• You’ve already experimented with AI in work or personal projects, and you’re excited to dive in and learn fast. You’re hungry to responsibly explore new AI tools and workflows, finding ways to make your work smarter and more efficient.
• 2-5+ years of professional software engineering experience.
• Proficiency in at least one of Python, Go, or TypeScript/JavaScript, and comfort working on backend and/or service-oriented systems.
• Experience building or operating web services or APIs backed by relational databases and/or caches (e.g., MySQL, Postgres, Redis).
• Familiarity with authentication or authorization concepts (sessions, tokens, OAuth, SSO, MFA, RBAC) and an interest in going much deeper.
• Exposure to CI/CD pipelines and modern development workflows (code review, testing, deployments, on-call participation or support).

Nice To Haves

• Building or integrating with IdPs and identity protocols (SAML/OIDC, enterprise SSO, SCIM, OAuth, API key management).
• Working with cloud-native infrastructure (AWS, Kubernetes, Terraform, Kong, or similar API gateways and service meshes).
• Experience with high-scale distributed systems or performance-sensitive services where availability and latency targets matter (e.g., auth endpoints, org lookups, internal service auth).
• Familiarity with observability stacks (Grafana, Datadog/Splunk, internal metrics/logging frameworks) and using them to drive reliability improvements.
• Interest or experience in adjacent Core IO domains like Organizations & Accounts or Platform Anti-Abuse (PAA), especially where they intersect with auth and account security.

Responsibilities

• Own features end-to-end across design, implementation, rollout, and observability for core authN/Z capabilities such as login flows, MFA, SSO enhancements, SCIM, sessions, and role/permission enforcement.
• Contribute to auth platform extraction: Help move authentication and authorization paths out of the legacy monolith into dedicated micro services, including token verification, API key services, and internal service auth behind Kong and IdP platform.
• Build and maintain shared SDKs and contracts that let internal teams adopt IAM services quickly (OAuth, machine auth, org-scoped authZ), making “secure by default” the simplest option for new surfaces and agents.
• Collaborate with Organizations & Accounts to support org-scoped identity, multi-account SSO, and flexible org/account models that underpin enterprise experiences and cross-account analytics.
• Partner with Platform Integrity & Protection (PAA), Security, and Compliance on secure patterns for account protection (MFA, recovery, device/session risk), ensuring IAM is a strong foundation for account security and anti-abuse controls.
• Improve reliability and performance of IAM services by instrumenting metrics and alerts, debugging production issues, and contributing to on-call rotations and incident reviews.
• Help define and refine standards for authentication and authorization across the platform APIs, error semantics, audit logging, and integration patterns so product teams don’t reinvent them per-service.