Staff Software Engineer (Identity & Access Control)

ABOUT YOU We are seeking a visionary Staff Software Engineer – Identity & Access Management to architect, build, and scale the foundational security layer of our global ecosystem. In this role, you will take full ownership of our authentication and authorization infrastructure, ensuring that millions of users can securely interact with our services. Working at the intersection of security, platform stability, and developer experience, you will lead the design of mission-critical systems—from identity federation and complex token lifecycles to fine-grained access control models. This is a high-impact position for an engineer who excels in the Golang ecosystem and thrives on the complexity of high-stakes security systems. You aren’t just implementing protocols; you are building a resilient, multi-tenant identity fabric that supports everything from global gaming integrations to sophisticated SaaS architectures. If you have a deep-seated passion for data privacy, a "security-first" mindset, and the technical depth to navigate the nuances of OAuth 2.0, OIDC, and beyond, you will find a home here.   ABOUT US Xsolla is a global commerce company with robust tools and services to help developers solve the inherent challenges of the video game industry. From indie to AAA, companies partner with Xsolla to help them fund, distribute, market, and monetize their games. Grounded in the belief in the future of video games, Xsolla is resolute in the mission to bring opportunities together, and continually make new resources available to creators. Headquartered and incorporated in Los Angeles, California, Xsolla operates as the merchant of record and has helped over 1,500+ game developers reach more players and grow their businesses around the world. For more information, visit xsolla.com. ## QUALIFICATIONS & SKILLS **Core Engineering Excellence** * **Decade of Experience:** 10+ years in backend or systems engineering, with at least 5 years dedicated to the **Identity & Access Management (IAM)** domain. * **Golang Mastery:** Expert-level proficiency in Go, with a track record of building high-performance, concurrent, and scalable distributed systems. * **Cloud-Native Mindset:** Proven experience deploying and managing services within **Kubernetes** environments (AWS or GCP). **Identity & Security Deep-Dive** + **Auth Protocols:** Deep architectural understanding of **OAuth 2.0, OIDC, JWT**, and **SCIM**. + **Lifecycle Management:** Hands-on experience with identity federation, sophisticated token management, and complex access control flows. + **Security First:** Strong grasp of modern security best practices, encryption standards, and secure coding principles. ### **BONUS POINTS** - **Advanced Auth Models:** Experience implementing fine-grained access control such as **ReBAC, ABAC**, or utilizing **Open Policy Agent (OPA)**. - **Ecosystem Knowledge:** Familiarity with industry-leading identity providers and frameworks like **Ory (Kratos/Keto), Keycloak, Auth0**, or **ForgeRock**. - **Scale & Architecture:** Background in building **multi-tenant** architectures, specifically for global SaaS platforms or large-scale Gaming ecosystems. - **Community Footprint:** Active contributions to **Open Source** Golang projects or security-focused libraries. **Benefits** We are passionate about fostering a supportive environment for our team, so we prioritize the physical, mental, and emotional well-being of our employees through a comprehensive Benefits Program. This includes unlimited Flexible Time Off and a personalized career roadmap for each employee. By investing in professional development through training and educational opportunities, we ensure that our team thrives both personally and professionally. Together, we’re not just building a business; we’re cultivating a community that values creativity, collaboration, and the transformative power of play. The duties and responsibilities of this position may evolve over time to support the organization’s goals and individual growth. This job description is intended to outline the general nature and level of work being performed and is not intended to be an exhaustive list of all duties, responsibilities, and qualifications required. By submitting your application, you consent to Xsolla conducting background checks, where permitted by law, after the final interview stage. All checks will comply with local regulations, and your information will be handled confidentially. Xsolla takes your privacy seriously and will not sell or externally distribute any personal data received during the hiring process. In accordance with applicable data protection laws, Xsolla is committed to protecting your personal information and respecting your privacy. For any inquiries related to data privacy, please contact: [careers@xsolla.com](mailto:careers@xsolla.com)  Explore more opportunities at: