Staff Software Engineer - IAM (Platform Engineering)

Qcells North America
7 days ago

Role details

Contract type
Permanent contract
Employment type
Part-time (≤ 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Remote

Tech stack

Java
API
Amazon Web Services (AWS)
Azure
C Sharp (Programming Language)
Software as a Service
Computer Security
Continuous Integration
DevOps
Distributed Systems
Identity and Access Management
OAuth
OpenID
Ping (Networking Utility)
Role-Based Access Control
Zero Trust Network Access
Security Assertion Markup Language (SAML)
Software Engineering
Okta
Cloudformation
Kubernetes
Information Technology
Production Code
Terraform
Devsecops
Docker

Job description

We are seeking a Staff Software Engineer - IAM to architect, design, and build Identity and Access Management (IAM) services for our multi-tenant SaaS platform.

This is a software engineering role-not an IT, security administration, or enterprise IAM configuration role. Candidates must have experience designing and building identity services and writing production code.

You will act as a hands-on software engineer and technical leader, owning the architecture, implementation, and evolution of authentication, authorization, and identity services. You will partner closely with Product Engineering, Security Architecture, DevOps, and Compliance to deliver secure, scalable, developer-friendly identity capabilities.

This is a greenfield/early-stage role with significant influence over long-term identity strategy and technical direction., * Architect, design, and implement IAM platform services enabling authentication and authorization across the SaaS product

  • Define and own IAM architecture: identity boundaries, trust models, access patterns, token lifecycles
  • Build scalable services supporting OAuth 2.0, OIDC, SAML, and SCIM
  • Develop APIs, SDKs, and tooling for safe, intuitive consumption by product teams
  • Apply least-privilege and Zero Trust principles across users, services, and infrastructure
  • Lead technical decision-making with clear tradeoffs across security, usability, and performance
  • Partner with Security and Compliance for SOC 2, ISO 27001, and NIST alignment
  • Drive incident response and root-cause analysis for identity-related issues
  • Mentor engineers and elevate IAM engineering practices and platform reliability

Requirements

  • 10+ years of software engineering experience, including 4+ years building IAM systems
  • Deep expertise with SAML, OAuth 2.0, OIDC, SCIM
  • Bachelor's or Master's degree in Computer Science, Engineering, or related field (or equivalent experience)
  • Experience integrating with IAM platforms (Entra ID, Okta, Ping Identity, ForgeRock) as an engineer, not an administrator
  • Expert-level proficiency in one or more backend languages (e.g., Java, C#) and in building production services (testing, observability, performance)
  • Experience with cloud platforms (Azure, AWS, or GCP) and Infrastructure as Code (Terraform, ARM, CloudFormation)
  • Familiarity with Zero Trust, least privilege, CI/CD, DevSecOps
  • Experience with distributed systems and containers (Docker, Kubernetes)
  • Ability to travel up to 10%, * Experience building IAM capabilities for multi-tenant SaaS (tenant isolation, per-tenant config, scale)
  • Background in platform engineering, identity platforms, or security infrastructure engineering
  • Understanding of compliance frameworks (SOC 2, ISO 27001, NIST), To comply with the Rehabilitation Act of 1973 the essential physical, mental and environmental requirements for this job are listed below. These are requirements normally expected to perform regular job duties. Incumbent must be able to successfully perform all of the functions of the job with or without reasonable accommodation.

Mobility

Standing

20% of time

Sitting

70% of time

Walking

10% of time

Strength

Pulling

up to 10 Pounds

Pushing

up to 10 Pounds

Carrying

up to 10 Pounds

Lifting

up to 10 Pounds

Dexterity(F = Frequently, O = Occasionally, N = Never)

Typing

F

Handling

F

Reaching

F

Agility(F = Frequently, O = Occasionally, N = Never)

Turning

F

Twisting

F

Bending

Benefits & conditions

The salary range is required by the California Pay Transparency Act and may differ depending on the location of those candidates hired nationwide. Actual compensation is influenced by a wide array of factors including but not limited to, skill set, education, licenses and certifications, essential job duties and requirements, and the necessary experience relative to the job's minimum qualifications.

  • This target salary range is for CA positions only and should not be interpreted as an offer of compensation.

You may view your privacy rights by reviewing Qcells' Privacy Policy or by contacting our HR team for a copy.

About the company

Qcells North America, Hanwha Q CELLS Technologies, Inc. a subsidiary of Hanwha Q CELLS, one of the world´s largest and most recognized photovoltaic manufacturers for its high-performance, high-quality solar cells and modules. It is headquartered in Seoul, South Korea (Global Executive HQ) Talheim, Germany (Technology & Innovation HQ) and Santa Clara, CA, USA (HW and SW Product Development HQ). Through its growing global business network spanning Europe, North America, Asia, South America, Africa, and the Middle East, the company provides excellent services and long-term partnerships to its customers in the utility, commercial, government, and residential markets. Hanwha Q CELLS is a flagship company of Hanwha Group, a FORTUNE Global 500 firm and a Top 7 business enterprise in South Korea.

Apply for this position