Skip to main content
Back to jobs

Staff Software Engineer - Identity & Access Management

External
xsolla logoXsolla · Serbia
Full-timeRemote1d ago
ComplianceDocumentationIAMOAuth
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


Requirements

  • Identity & Security
  • OAuth 2.0 / OIDC Depth - Deep understanding of OAuth 2.0, OIDC, and related auth flows: authorization code + PKCE, client credentials, device flow, token introspection, refresh strategies.
  • Web Security Fundamentals - Solid grasp of cookie security, CSRF, XSS, token storage, TLS, and secure session management.
  • Production IAM Experience - Experience designing or operating production-grade IAM or auth systems.
  • Backend Engineering
  • Go Engineering - Strong Go (Golang) engineering skills: idiomatic code, concurrency patterns, performance profiling.
  • Distributed Systems - Experience with distributed systems and their trade-offs (consistency, availability, failure modes).
  • Data & Infrastructure
  • PostgreSQL - Schema design, query optimization, migrations at scale.
  • Kubernetes - Deploying, operating, and debugging services in a k8s environment.
  • Message Streaming - Kafka or NATS - event-driven patterns, consumer groups, at-least-once delivery.
  • Git & CI/CD - Git and modern CI/CD practices.
  • Cross-Team Initiative Leadership - Proven ability to lead multi-quarter technical initiatives across teams.
  • Architectural Influence - Track record of influencing architecture and standards beyond your immediate team.
  • Written & Verbal Communication - You write RFCs and design docs that people actually read.

Additional Information

We're looking for a Staff Engineer to join our Identity & Access Management (IAM) platform team. This is an individual contributor role with outsized technical scope: you'll be the technical anchor for how Xsolla builds secure, high-scale auth infrastructure - setting direction, making hard architectural calls, and raising the bar across the org. You will own the strategy behind authentication, authorization, and session management at scale, and evolve our OAuth 2.0 / OIDC flows and token lifecycle to meet both product and compliance needs. You operate with significant autonomy, but your decisions ripple across teams - so you'll spend real time building buy-in with engineering and security stakeholders, not just designing in isolation. You are technically deep, calm under pressure, and comfortable being the escalation point when production IAM issues get hard. You write the RFCs and design docs that people actually read, and you create leverage for the broader engineering org through documentation, tooling, and mentorship - without needing a management title to do it.


Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at xsolla? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect