DigitalOcean is a cutting-edge technology company focused on simplifying cloud services and AI. They are seeking a Senior Software Engineer to join their Customer Trust & Engineering team, where the primary responsibility will be to architect and develop high-availability identity and access management services, supporting AI initiatives and ensuring security across their platforms.
Responsibilities:
- Architect for Scale: Design and develop high-availability, low-latency authentication and authorization services in Go that scale to handle massive load spikes across global regions
- Drive Next-Gen Innovation: Build the IAM foundations for emerging cloud-native AI/ML platforms, designing secure token exchange patterns and identity context injection for agentic AI workflows
- Modernize Identity: Lead the implementation of OIDC and SAML integrations, enabling seamless federated Single Sign-On (SSO) for enterprise customers and strategic global partners
- Solve Complex AuthZ: Evolve our Policy Engine (using industry standards like Rego/OPA) to support advanced resource-level permissions, dynamic scoping, and network-aware access conditions
- Evolve Identity Models: Design and scale robust, multi-tenant data models to manage complex hierarchical structures (users, teams, organizations, and resource boundaries) that map to enterprise customer needs
- Operational Excellence: Take ownership of service reliability, from fine-tuning Kubernetes deployments to migrating legacy data pipelines to modern eventing architectures
- Security First: Proactively identify and remediate complex security vulnerabilities, ensuring our auth flows are resilient against credential stuffing, session hijacking, and configuration theft
- Mentor & Lead: Act as a technical lead for major workstreams, conducting deep code reviews and mentoring junior engineers in distributed systems best practices
Requirements:
- 5+ years of software engineering experience, with at least 2+ years focused on Identity (AuthN/AuthZ), Security Products, or high-scale Distributed Systems
- Expert-level proficiency in Go and a strong understanding of gRPC microservices architecture
- Deep knowledge of identity protocols (OIDC, OAuth2, SAML) and access control models (RBAC, ABAC, PBAC)
- Proven ability to build systems that handle consensus, replication, and partitioning at cloud scale
- Working experience with container orchestration (Kubernetes), SQL (MySQL), and Infrastructure as Code (Terraform)
- A track record of 'unwinding' complex legacy logic into clean, maintainable abstractions
- Ability to communicate technical strategy to senior leadership and collaborate across teams (Inference, Billing, DOKS)
- Experience with Open Policy Agent (OPA) and Rego
- Familiarity with cloud-native deployment strategies (Canary/Blue-Green) via Kubernetes