Skip to content
Scale AIScale AISan Francisco, CA

Software Engineer, Identity

Build and manage secure identity infrastructure including authentication (SSO, MFA, SAML/OAuth/OIDC) and authorization (ReBAC, RBAC, ABAC) systems for AI data platforms. Requires 4+ years in infrastructure/identity engineering with hands-on authorization frameworks like OpenFGA/Authzed and IaC tools.

216k – 270k/yr
On-site4+ YOESecurity Engineering

About the role

Responsibilities

  • Drive the design and implementation of identity infrastructure to ensure secure authentication and authorization across enterprise systems.
  • Manage authentication mechanisms such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federated identity solutions (SAML, OAuth, OpenID Connect).
  • Manage authorization mechanisms such as Relation-based access control (ReBAC), Attribute-based access control (ABAC), Role-based access control (RBAC).
  • Work with auditors and security teams to enforce identity governance policies to ensure compliance with security policies, industry regulations (e.g., NIST, SOC2, ISO 27001), and organizational standards.
  • Present technical information to teams and stakeholders, providing guidance and insight on identity management and best practices.

Requirements

  • 4+ years of full-time engineering experience, post-graduation with specialties in infrastructure and identity systems.
  • Infrastructure expertise – IAM controls, Infrastructure as Code (Terraform, Pulumi), microservice deployment best practices.
  • Hands-on experience working with OpenFGA, Authzed, Cedar, Topaz, or similar authorization frameworks at scale.
  • Strong understanding of Zanzibar-based ReBAC models, relationship tuples, and access control evaluation.
  • Strong knowledge of authentication standards such as OAuth 2.0, OIDC, SAML, and JWT.
  • Extensive experience in software development and a deep understanding of distributed systems and public cloud platforms (AWS preferred).
  • Track record of independent ownership of successful engineering projects.
  • Excellent communication and collaboration skills, and the ability to translate complex technical concepts to non-technical stakeholders.

Nice-to-Haves

  • Experience securing API access and implementing access control mechanisms at the application level.
  • Multi-cloud infrastructure experience – AWS, Azure, GCP, and more.
  • Proficiency in integrating IAM solutions with applications built using frameworks such as Java, Python, Node.js, or .NET.

Compensation and Benefits

Compensation packages at Scale for eligible roles include base salary, equity, and benefits. The base salary range for this full-time position in the locations of San Francisco, New York, Seattle is: $216,000–$270,000 USD. Employees in eligible roles are also granted equity based compensation. Benefits include comprehensive health, dental and vision coverage, retirement benefits, a learning and development stipend, and generous PTO. This role may be eligible for additional benefits such as a commuter stipend.

Skills

IAMTerraformPulumiOpenfgaAuthzedCedarTopazRebacOauth 2.0OIDCSAMLJwtAWS
Notion

Security Engineer, Corporate Security

NotionSan Francisco, CA +1

Hands-on Corporate Security Engineer to own and improve technical controls across identity, endpoints, SaaS, and workforce infrastructure. Build scalable automation and partner with IT, Infrastructure, GRC, and Detection & Response.

220k – 260k/yr
HybridSecurity Engineering
Ramp

Security Engineer, Cloud

RampNew York, NY +1

Build and enhance cloud security infrastructure, drive security roadmap, remediate issues, and partner with teams for secure deployments. Requires 5+ years software experience, 3+ years AWS with Terraform.

211k – 291k/yr
Hybrid5+ YOESecurity Engineering
Replit

Security Engineer - Vuln Management (Infra)

ReplitFoster City, CA

Mid-level Infrastructure Vulnerability Management Engineer responsible for cloud security posture, IaC scanning, container vulnerability management, and compliance tracking across multi-cloud environments. Requires 5+ years in cloud security/DevSecOps with deep GCP expertise.

210k – 270k/yr
Hybrid5+ YOESecurity Engineering
Replit

Security Engineer - Vuln Management (Code)

ReplitFoster City, CA

Mid-level AppSec Vulnerability Management Engineer who identifies application vulnerabilities, manages SBOM and supply chain security, and drives compliance tracking for SOC 2, ISO 27001, and PCI-DSS. Requires 5+ years in AppSec/DevSecOps with strong coding skills in JS/TS, Python, and Go.

210k – 270k/yr
Hybrid5+ YOESecurity Engineering
Perplexity

Software Engineer - Security

PerplexitySan Francisco, CA

Builds security tools, automations, and AI agents to enhance detection, response, vulnerability management, and overall security posture. Requires 4+ years experience in software engineering with security focus, proficiency in Python/Go/TypeScript, and familiarity with SIEM/EDR/cloud systems.

210k – 385k/yr
On-site4+ YOESecurity Engineering