Staff Software Engineer I - Internal Access Management

What You Will Do

• Define and drive the long-term architecture and roadmap for Internal Access Management across Kubernetes and multi-cloud environments.
• Architect and implement least privilege, just-in-time access, and zero-trust models across Confluent services.
• Build and evolve scalable access-authorization workflows and lifecycle management systems using technologies such as OPA, cloud IAM policies, workload identity, and internal enforcement engines.
• Strengthen security boundaries through threat modeling, defense-in-depth practices, and comprehensive access-auditing capabilities.
• Partner with cross-functional teams—including Platform, Kafka, Observability, Developer Productivity, Release Engineering, and SRE—to drive adoption of secure identity and access patterns.
• Mentor senior engineers, elevate engineering standards, and influence architectural decisions across the organization.
• Communicate complex technical decisions clearly and align stakeholders across engineering and security.

What You Will Bring

• 10+ years of engineering experience, with 4+ years in security, IAM, or distributed systems.
• Deep expertise in Kubernetes, workload identity, cloud IAM (AWS, GCP, Azure), and zero-trust architectures.
• Strong understanding of authentication technologies: IAM, OAuth2, OIDC, policy engines, and modern zero-trust principles.
• Proven track record leading multi-team technical initiatives at a Staff or Senior Staff level.
• Strong knowledge of distributed systems, cloud infrastructure, container orchestration, and service mesh.
• Excellent communication and stakeholder-influence skills across engineering and security domains.

What Gives You an Edge

• Experience leading cross-org security platform architecture initiatives.
• Background in building developer-focused authentication and authorization platforms.