Remotery

Staff Software Engineer

Posted 1 day ago

This is a fully remote position, open to applicants in Utah.

πŸ“‹ Description

β€’ Lead the architecture and implementation of a new permission service β€” from initial design documentation to production, encompassing data modeling, policy evaluation engine, enforcement APIs, and token contracts.

β€’ Establish BambooHR's authentication and authorization standards β€” the frameworks for authentication flows, token issuance, scoped authorization, and role/attribute-based access control that product teams depend on.

β€’ Create the API contract for the permission service: detailing how callers request access decisions, how policies are established, and how enforcement is separated from individual product domains.

β€’ Drive the token strategy β€” including JWT issuance, rotation, scoping, revocation, and the connection between tokens and permissions for both human and machine (API/agent) callers.

β€’ Collaborate with product and platform teams to convert domain-specific access control needs into reusable permission primitives that can scale across the organization.

β€’ Conduct architectural reviews for features with authentication and authorization implications; identify design debt prior to deployment.

β€’ Work alongside Security and Compliance teams to guarantee the permission service complies with audit, least-privilege, and zero-trust requirements.

β€’ Set a high technical standard for the Token Titans team: mentor engineers, lead requests for comments (RFCs), and ensure that implementation quality aligns with architectural goals.


⛳️ Requirements

β€’ Over 10 years of software engineering experience, including at least 3 years in a Staff or Principal role.

β€’ Extensive knowledge in identity and access management β€” including authentication protocols (OAuth 2.0, OIDC, SAML), authorization models (RBAC, ABAC, ReBAC), and token lifecycle management (JWTs, opaque tokens, refresh/rotation strategies).

β€’ Proven experience in designing and developing authentication and authorization systems at scale β€” not merely integrating with them, but taking ownership of the architecture that others build upon.

β€’ Strong intuition for policy-as-code, permission modeling, and the ability to articulate complex access rules as a clear, adaptable data model.

β€’ Experience in designing or reviewing OpenAPI specifications, event-driven architectures, and cross-service communication patterns within a service-oriented or microservice environment.

β€’ Solid backend engineering fundamentals; adeptness in working within a PHP monolith utilizing modern architectural patterns.

β€’ Demonstrated capability to influence organization-wide architectural decisions β€” drafting RFCs, leading reviews, and building consensus among teams with competing priorities.

β€’ Exceptional communication skills: precise written specifications, effective verbal presentations to engineering leadership, and the ability to discuss trade-offs in identity and security without losing the audience.


🏝️ Benefits

β€’ Comprehensive health, life, and disability insurance.

β€’ Generous leave policies that offer 4 weeks of vacation, 12 company holidays, parental leave, and volunteer time off to promote quality of life.

β€’ 401k plans featuring up to a 6% company match.

β€’ $2000 Paid-Paid Vacation bonus.

β€’ Employee Assistance Program (EAP) through Headspace.

β€’ Explore all our benefits designed to support you.

People also viewed

VPS10 hours ago

AWS Full Stack Developer

US flagTennessee OnlyFull-timeFull-stack Engineer$120k – $210k/year
ApplyView job
Tango10 hours ago

Principal Software Engineer

US flagUnited States OnlyFull-timeFull-stack Engineer$200k – $240k/year
ApplyView job
Influur10 hours ago

GTM – Marketing Engineer

CO flagColombia OnlyFull-timeFull-stack Engineer
ApplyView job
Salesloft10 hours ago

Principal Software Engineer, AI

US flagUnited States OnlyFull-timeFull-stack Engineer$1 – $100k/year
ApplyView job
VSolvit10 hours ago

Software Developer

US flagUnited States OnlyFull-timeFull-stack Engineer$110k – $165k/year
ApplyView job
Skillable10 hours ago

Senior Software Engineer

US flagArizona, +23 more statesFull-timeFull-stack Engineer$130k – $150k/year
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers