Staff Software Engineer (Identity & Access Management)

Staff Software Engineer, Identity & Access Management

Location: 100% Remote - However you must be west coast 

Position Overview
We are seeking a Staff Software Engineer to lead design and delivery of robust, scalable Identity & Access Management (IAM) systems. This role owns core identity features single signon, SAML, OAuth 2.0, SCIM user provisioning, interservice authentication, and authorization mechanisms and partners with product, security, and infrastructure teams to secure and simplify how users and services authenticate and authorize across the platform. You will act as a technical leader, mentor engineers, and drive longterm architecture and operational excellence for IAM services.

Key Responsibilities

• Design, implement, and operate production IAM services including single signon (SSO), SAML integrations, OAuth 2.0 authorization flows, and SCIM provisioning endpoints.
• Architect and build interservice authentication solutions (e.g., mTLS, service tokens, JWTs, token exchange) to secure servicetoservice communication at scale.
• Define and implement authorization mechanisms and policy models (RBAC, ABAC, policy evaluation, delegated authorization) to meet product and compliance requirements.
• Lead integrations with external identity providers and identity platforms (e.g., enterprise IdPs, Azure AD, Okta) and design robust provisioning and deprovisioning workflows.
• Drive secure design and cryptographic best practices across IAM services, including token handling, key management, session security, and secrets management.
• Collaborate with product, security, and infrastructure teams to translate requirements into a pragmatic and secure roadmap; balance shortterm delivery with longterm architectural improvements.
• Own operability: monitoring, alerting, capacity planning, SLOs, incident response, and postincident improvements for IAM services.
• Mentor and coach engineers on identity protocols, security principles, and scalable service design; run technical reviews and contribute to team hiring and career development.
• Create and maintain highquality design documents, API specifications, SDK guidance, and developer onboarding materials for identity features.
• Advocate for developer experience and automation across identity lifecycles (onboarding, role changes, deprovisioning), minimizing manual steps and reducing risk.

Qualifications

• Minimum 8 years of software engineering experience with significant ownership of production systems and APIs.
• Demonstrated, hands on experience with single sign-on architectures and protocols (SAML, OAuth 2.0) and practical knowledge of common OAuth flows (authorization code, client credentials, token exchange).
• Proven experience implementing SCIM for user lifecycle provisioning and synchronization between systems.
• Deep understanding and handson experience with interservice authentication patterns (mTLS, JWTs, service tokens) and secure token handling.
• Experience designing and implementing authorization models (RBAC, ABAC, policy engines) and integrating authorization checks into distributed systems.
• Strong software engineering skills: distributed systems design, API design, reliability, performance tuning, and observability.
• Practical familiarity with security and cryptographic principles as they apply to identity (token signing/encryption, key rotation, KMS integration, TLS best practices).
• Proficiency with at least one backend programming language and comfort reading or contributing code in Python or Golang.
• Experience integrating with Azure AD or other enterprise identity providers is highly desirable.
• Track record of mentoring engineers, driving technical decisions, and influencing crossfunctional stakeholders.
• Excellent communication skills, strong bias for action, and the ability to balance security, usability, and business needs.

Benefits

Vacation/PTO
Medical
Dental
Vision
Bonus
Telecommute
 

Email Your Resume In Word To
Lauren.Formby@CyberCoders.com
Looking forward to receiving your resume through our website and going over the position with you. Clicking apply is the best way to apply.
Please do NOT change the email subject line in any way. You must keep the JobID: linkedin : LF2-1984594 -- in the email subject line for your application to be considered.
Lauren Formby - Director of Recruiting

For this position, you must be currently authorized to work in the United States without the need for sponsorship for a non-immigrant visa. This is a new role.

CyberCoders will consider for Employment in the City of Los Angeles qualified Applicants with Criminal Histories in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring (Ban the Box) Ordinance.

This job was first posted by CyberCoders on 04/21/2026 and applications will be accepted on an ongoing basis until the position is filled or closed.

This job was posted on 04/21/2026 and is open for 60 days

CyberCoders is proud to be an Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity or expression, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, status as a crime victim, disability, protected veteran status, or any other characteristic protected by law. Our hiring process includes AI screening for keywords and minimum qualifications. Recruiters review all results.  CyberCoders will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable state and local law, including but not limited to the Los Angeles County Fair Chance Ordinance, the San Francisco Fair Chance Ordinance, and the California Fair Chance Act. CyberCoders is committed to working with and providing reasonable accommodation to individuals with physical and mental disabilities. Individuals needing special assistance or an accommodation while seeking employment can contact a member of our Human Resources team at Benefits@CyberCoders.com to make arrangements.

Copyright 1999 - 2026. CyberCoders , Inc. All rights reserved.