Xsolla Logo

Xsolla

Staff Software Engineer — Identity & Access Management

Posted Yesterday
Be an Early Applicant
Remote
Hiring Remotely in Canada
Senior level
Remote
Hiring Remotely in Canada
Senior level
Own IAM platform architecture and strategy, design OAuth2/OIDC flows and token lifecycle, drive cross-team technical decisions, de-risk and resolve production IAM issues, set engineering standards, mentor, and align with product and security stakeholders.
The summary above was generated by AI

We're looking for a Staff Engineer to join our Identity & Access Management (IAM) platform team. This is an individual contributor role with outsized technical scope: you'll be the technical anchor for how Xsolla builds secure, high-scale auth infrastructure — setting direction, making hard architectural calls, and raising the bar across the org.

You will own the strategy behind authentication, authorization, and session management at scale, and evolve our OAuth 2.0 / OIDC flows and token lifecycle to meet both product and compliance needs. You operate with significant autonomy, but your decisions ripple across teams — so you'll spend real time building buy-in with engineering and security stakeholders, not just designing in isolation.

You are technically deep, calm under pressure, and comfortable being the escalation point when production IAM issues get hard. You write the RFCs and design docs that people actually read, and you create leverage for the broader engineering org through documentation, tooling, and mentorship — without needing a management title to do it.

Responsibilities

  • Own IAM Architecture & Strategy — Own the technical strategy and architecture of our IAM platform, covering authentication, authorization, and session management at scale.
  • Design Auth Protocols — Design and evolve our OAuth 2.0 / OIDC flows, token lifecycle, and security primitives to meet both product and compliance requirements.
  • Drive Cross-Team Technical Decisions — Drive decisions on protocol design, data modeling, and platform reliability, and build buy-in across engineering and security teams.
  • De-Risk Proactively — Identify systemic risks and performance bottlenecks; lead initiatives to resolve them before they become incidents.
  • Set Engineering Standards — Define engineering standards, review critical code and designs, and create leverage for the team through documentation, tooling, and mentorship.
  • Align with Stakeholders — Collaborate with product, security, and infra teams to align on roadmap and translate business needs into well-scoped technical plans.
  • Own Production Escalations — Serve as the go-to escalation point for complex production issues in the IAM domain.

Requirements

    Identity & Security

    • OAuth 2.0 / OIDC Depth — Deep understanding of OAuth 2.0, OIDC, and related auth flows: authorization code + PKCE, client credentials, device flow, token introspection, refresh strategies.
    • Web Security Fundamentals — Solid grasp of cookie security, CSRF, XSS, token storage, TLS, and secure session management.
    • Production IAM Experience — Experience designing or operating production-grade IAM or auth systems.
    • Domain Context

      • Gaming Industry Experience — Experience working in the video game industry, building or operating platforms for game developers, publishers, or players.

      Backend Engineering

      • Go Engineering — Strong Go (Golang) engineering skills: idiomatic code, concurrency patterns, performance profiling.
      • Distributed Systems — Experience with distributed systems and their trade-offs (consistency, availability, failure modes).
      • Data & Infrastructure

        • PostgreSQL — Schema design, query optimization, migrations at scale.
        • Kubernetes — Deploying, operating, and debugging services in a k8s environment.
        • Message Streaming — Kafka or NATS — event-driven patterns, consumer groups, at-least-once delivery.
        • Git & CI/CD — Git and modern CI/CD practices.
        • Leadership

          • Cross-Team Initiative Leadership — Proven ability to lead multi-quarter technical initiatives across teams.
          • Architectural Influence — Track record of influencing architecture and standards beyond your immediate team.
          • Written & Verbal Communication — You write RFCs and design docs that people actually read.

Nice to Have

  • Hands-on experience with the Ory ecosystem (Hydra, Kratos, Keto) — operating it in production or building on top of its APIs
  • Experience with CockroachDB or other distributed SQL databases (multi-region deployments, clock skew handling, survivability trade-offs)
  • Familiarity with compliance requirements relevant to IAM: SOC 2, ISO 27001, GDPR data minimization, audit logging
  • Contributions to open-source security or identity projects
  • Experience building or integrating with SCIM, SAML, or enterprise SSO (LDAP / Active Directory)
  • Background in platform or infrastructure engineering — building systems other engineers build on top of
  • Hands-on, up-to-date experience with modern AI tools (e.g. Claude, Copilot, Cursor) for code generation, review, and accelerating day-to-day engineering work

About Xsolla

Xsolla is a global commerce company with robust tools and services to help developers solve the inherent challenges of the video game industry. From indie to AAA, companies partner with Xsolla to help them fund, distribute, market, and monetize their games. Grounded in the belief in the future of video games, Xsolla is resolute in the mission to bring opportunities together, and continually make new resources available to creators. Headquartered and incorporated in Los Angeles, California, Xsolla operates as the merchant of record and has helped over 1,500+ game developers to reach more players and grow their businesses around the world. With more paths to profits and ways to win, developers have all the things needed to enjoy the game.

For more information, visit xsolla.com.

How We Work

Xsolla operates across multiple time zones, and the IAM platform underpins authentication and authorization for every product we ship. Strong written communication is essential — your architectural decisions and designs need to stand on their own and be actionable without you in the room.

We value directness, technical depth, and follow-through. If a design or production issue has real security or reliability implications, we expect you to say so clearly, defend your position with evidence, and stay engaged until it's resolved.

Similar Jobs

40 Minutes Ago
Remote or Hybrid
Senior level
Senior level
AdTech • Cloud • Digital Media • Information Technology • News + Entertainment • App development
Design high-level systems that integrate ML models into production, enable ML–rendering engine interaction, build language-agnostic APIs/wrappers and microservices, evaluate build-vs-buy options, coordinate cross-functional integration requirements, and decompose product vision into scalable ML-enabled architecture.
Top Skills: APIsC#C++ContainerizationDeep LearningGitMessage BrokersMicroservicesModel DeploymentModel Fine-TuningPythonReal-Time Rendering EngineReinforcement LearningUnix Shell
40 Minutes Ago
Remote or Hybrid
Senior level
Senior level
AdTech • Cloud • Digital Media • Information Technology • News + Entertainment • App development
Develop and optimize C++ systems implementing machine learning, computer vision, and (inverse-)procedural 3D modeling algorithms. Collaborate with leadership to translate product vision, manage code with Git, deploy and test on cloud platforms, work with large-scale geospatial datasets, and operate in Unix (bash) environments.
Top Skills: BashC++Cloud PlatformCmakeGitLinuxmacOSMercurialUnix ShellUnreal Engine
40 Minutes Ago
Remote or Hybrid
Senior level
Senior level
AdTech • Cloud • Digital Media • Information Technology • News + Entertainment • App development
Design and implement high-performance C++ systems for machine learning, computer vision, and 3D/procedural modeling. Apply research, optimize code for speed and scalability, collaborate with leadership, use Git, deploy and test on cloud with large-scale geospatial datasets, and operate in a Unix shell environment.
Top Skills: 3D ModelingC++Cloud PlatformCmakeComputational GeometryComputer GraphicsComputer VisionGeospatial Data ProcessingGitLinuxMachine LearningmacOSMercurialPythonUnix Shell/BashUnreal Engine

What you need to know about the Los Angeles Tech Scene

Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.

Key Facts About Los Angeles Tech

  • Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
  • Key Industries: Artificial intelligence, adtech, media, software, game development
  • Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
  • Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account