Senior Software Engineer, Identity & Access Management

We are seeking a Senior Software Engineer (IC3) to join our Customer Trust & Engineering team working on Identity and Access Management. IAM is the bedrock of trust at DigitalOcean; our services sit in the critical path of every request, authorizing billions of transactions per second with single-digit millisecond latency.

In this role, you won't just maintain existing systems—you will architect the next generation of our Identity platform. You will be instrumental in supporting our AI initiatives, building seamless SSO integrations for global partners, and evolving our policy engine to support complex, agentic workflows. If you are passionate about distributed systems, security-first engineering, and building at hyperscale, this is the team for you.

What You’ll Do

• Architect for Scale: Design and develop high-availability, low-latency authentication and authorization services in Go that scale to handle massive load spikes across global regions.
• Drive Next-Gen Innovation: Build the IAM foundations for emerging cloud-native AI/ML platforms, designing secure token exchange patterns and identity context injection for agentic AI workflows.
• Modernize Identity: Lead the implementation of OIDC and SAML integrations, enabling seamless federated Single Sign-On (SSO) for enterprise customers and strategic global partners.
• Solve Complex AuthZ: Evolve our Policy Engine (using industry standards like Rego/OPA) to support advanced resource-level permissions, dynamic scoping, and network-aware access conditions.
• Evolve Identity Models: Design and scale robust, multi-tenant data models to manage complex hierarchical structures (users, teams, organizations, and resource boundaries) that map to enterprise customer needs.
• Operational Excellence: Take ownership of service reliability, from fine-tuning Kubernetes deployments to migrating legacy data pipelines to modern eventing architectures.
• Security First: Proactively identify and remediate complex security vulnerabilities, ensuring our auth flows are resilient against credential stuffing, session hijacking, and configuration theft.
• Mentor & Lead: Act as a technical lead for major workstreams, conducting deep code reviews and mentoring junior engineers in distributed systems best practices.

What You’ll Add to DigitalOcean

• Experience: 5+ years of software engineering experience, with at least 2+ years focused on Identity (AuthN/AuthZ), Security Products, or high-scale Distributed Systems.
• Language Expert: Expert-level proficiency in Go and a strong understanding of gRPC microservices architecture.
• Identity Specialist: Deep knowledge of identity protocols (OIDC, OAuth2, SAML) and access control models (RBAC, ABAC, PBAC).
• Distributed Systems Guru: Proven ability to build systems that handle consensus, replication, and partitioning at cloud scale.
• Cloud Native: Working experience with container orchestration (Kubernetes), SQL (MySQL), and Infrastructure as Code (Terraform).
• Problem Solver: A track record of "unwinding" complex legacy logic into clean, maintainable abstractions.
• Communication: Ability to communicate technical strategy to senior leadership and collaborate across teams (Inference, Billing, DOKS).

Nice to Have

• Experience with Open Policy Agent (OPA) and Rego.
• Familiarity with Cloud-native deployment strategies (Canary/Blue-Green) via kubernetes.

Compensation Range: 

• $140,800 - $176,000

*This is a remote role

JR: 2026-7665

#LI-Remote