Confluent is a company focused on transforming data movement through its innovative platform. It is seeking a Staff Software Engineer to lead the technical vision and architecture for Internal Access Management, ensuring secure and auditable authorization across engineering systems.
Responsibilities:
- Define and drive the long-term architecture and roadmap for Internal Access Management across Kubernetes and multi-cloud environments
- Architect and implement least privilege, just-in-time access, and zero-trust models across Confluent services
- Build and evolve scalable access-authorization workflows and lifecycle management systems using technologies such as OPA, cloud IAM policies, workload identity, and internal enforcement engines
- Strengthen security boundaries through threat modeling, defense-in-depth practices, and comprehensive access-auditing capabilities
- Partner with cross-functional teams—including Platform, Kafka, Observability, Developer Productivity, Release Engineering, and SRE—to drive adoption of secure identity and access patterns
- Mentor senior engineers, elevate engineering standards, and influence architectural decisions across the organization
- Communicate complex technical decisions clearly and align stakeholders across engineering and security
Requirements:
- 10+ years of engineering experience, with 4+ years in security, IAM, or distributed systems
- Deep expertise in Kubernetes, workload identity, cloud IAM (AWS, GCP, Azure), and zero-trust architectures
- Strong understanding of authentication technologies: IAM, OAuth2, OIDC, policy engines, and modern zero-trust principles
- Proven track record leading multi-team technical initiatives at a Staff or Senior Staff level
- Strong knowledge of distributed systems, cloud infrastructure, container orchestration, and service mesh
- Excellent communication and stakeholder-influence skills across engineering and security domains
- Experience leading cross-org security platform architecture initiatives
- Background in building developer-focused authentication and authorization platforms