Staff Software Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Establish authorization protocols for our AI-driven agentic workflows, including how non-human entities authenticate, acquire scoped permissions, and function within the same authorization framework as human users.

• Enhance our identity layer in Auth0 to optimize authentication, token issuance, and identity federation processes.

• Develop and sustain our Relationship-Based Access Control (ReBAC) OpenFGA model, which underpins all authorization decisions across our infrastructure.

• Lead extensive technical projects that involve multiple teams and systems, while promoting best practices and quality standards within the team.

• Set a positive example and mentor colleagues in collaboration through pull requests, demos, and professional relationships. Contribute to a culture that values learning and high technical standards.

• Assume responsibility for team deliverables, decisions, quality, processes, and technical direction. Be accountable for steering projects from ideation to production.

• Exhibit a thorough understanding of our application’s business domain and stakeholder requirements. Leverage your expertise to proactively identify risks and obstacles during planning, architectural discussions, and RFCs. Ensure alignment and feasibility between business objectives and technical implementation for large-scale initiatives.

• Represent Basis’ core values while nurturing a positive culture within the team. Actively advocate for Basis in the broader community.

⛳️ Requirements

• At least 8 years of professional software experience, with a strong focus on identity, authentication, or authorization systems.

• Profound knowledge of OAuth 2.0 and OpenID Connect (including token flows, JWKS validation, scopes, audience restrictions, etc.).

• Practical experience with ReBAC systems (OpenFGA, Zanzibar, SpiceDB), including the modeling of authorization schemas, writing and testing tuple-based policies, and analyzing permission evaluation performance.

• Familiarity with Auth0 or similar identity providers (such as Okta, Azure AD, Keycloak).

• High proficiency in backend programming languages like Java, Ruby, or Python, as well as in web frameworks such as Spring Boot, Rails, or Django.

• Competence with AI coding tools (Claude Code, Cursor, Codex, etc.) as an integral part of the development workflow — for tasks like code generation, debugging, exploring unfamiliar codebases, and documentation — combined with strong judgment for assessing, refining, and owning AI-generated outputs.

• A thoughtful approach to collaboration, design, and decision-making that emphasizes equity, access, and ongoing learning.

• Dedication to fostering inclusive, respectful environments where all voices are acknowledged and supported.

🏝️ Benefits

• Flexible work week

• 401k/RRSP matching

• Mental health support

• Paid sabbaticals

• Generous parental leave

• Flexible work options