Software Engineer, Identity
Build and maintain identity infrastructure supporting authentication and authorization for enterprise AI systems. Requires 4+ years experience with IAM, ReBAC/ABAC/RBAC, and cloud platforms.
Responsibilities
- Drive the design and implementation of identity infrastructure to ensure secure authentication and authorization across enterprise systems.
- Manage authentication mechanisms such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federated identity solutions (SAML, OAuth, OpenID Connect).
- Manage authorization mechanisms such as Relation-based access control (ReBAC), Attribute-based access control (ABAC), Role-based access control (RBAC).
- Work with auditors and security teams to enforce identity governance policies to ensure compliance with security policies, industry regulations (e.g., NIST, SOC2, ISO 27001), and organizational standards.
- Present technical information to teams and stakeholders, providing guidance and insight on identity management and best practices.
Requirements
- 4+ years of full-time engineering experience, post-graduation with specialties in infrastructure and identity systems.
- Infrastructure expertise – IAM controls, Infrastructure as Code (Terraform, Pulumi), microservice deployment best practices.
- Hands-on experience working with OpenFGA, Authzed, Cedar, Topaz, or similar authorization frameworks at scale.
- Strong understanding of Zanzibar-based ReBAC models, relationship tuples, and access control evaluation.
- Strong knowledge of authentication standards such as OAuth 2.0, OIDC, SAML, and JWT.
- Extensive experience in software development and a deep understanding of distributed systems and public cloud platforms (AWS preferred).
- Track record of independent ownership of successful engineering projects.
- Excellent communication and collaboration skills, and the ability to translate complex technical concepts to non-technical stakeholders.
Nice to Haves
- Experience securing API access and implementing access control mechanisms at the application level.
- Multi-cloud infrastructure experience – AWS, Azure, GCP, and more.
- Proficiency in integrating IAM solutions with applications built using frameworks such as Java, Python, Node.js, or .NET.
Senior Privacy Engineer
Lead privacy engineering projects protecting user data across search, browser, and AI features. Own major privacy components, participate in audits, and mentor engineers using Go, Node.js, Python, or Perl.
Privacy Engineering Director
Lead privacy engineering initiatives across private browsing, search, and agentic products. Own complex privacy projects from definition to delivery, evolve review processes, and grow privacy engineering talent.
Product Security Engineer
Product Security Engineer embedding into engineering workflows to conduct architecture reviews, threat modeling, and penetration testing coordination while serving as GCP security SME. Requires 5-7 years experience and strong GCP and Python skills.
Senior Product Security Engineer II
Senior security engineer focused on offensive security testing, penetration testing, and scaling security practices across Instacart's product suite. Requires 7+ years in security engineering or pentesting with experience in mobile, cloud, or AI security.
Staff Software Engineer, Security
Staff Security Software Engineer designing and building scalable security infrastructure, identity systems, and compliance automation platforms. Requires 8+ years software engineering experience with deep Kubernetes, Go/Rust, and cloud platform expertise.