Principal Software Engineer, Privileged Access Management
Role details
Job location
Tech stack
Job description
Drive technical strategy and architecture across PAM platform components, including federal-compliant deployment topologies Partner with Product and Engineering Management on requirements analysis, roadmap planning, and technical decision-making Lead end-to-end design and delivery of new services from greenfield through production hardening Operate within and help shape our AiDLC workflow: living specs, AI-generated implementations, property-based and integration testing as blocking gates, and audit-tracked human approvals Author and maintain the engineering contracts (CLAUDE.md, prompt libraries, agent skills, code standards) that govern how AI-driven development happens on the platform Conduct deep code reviews on critical and security-sensitive changes - including AI-generated code Mentor senior, staff, and associate principal engineers; raise the technical bar across the team
Debug, optimize, and refactor existing services as we evolve toward multi-tenant, multi-cloud, federal- ready
Serve as a technical expert for internal teams and, when needed, customer-facing escalations
Requirements
Do you have experience in Software engineering?, Do you have a Master's degree?, 10+ years of software engineering experience with demonstrated ownership of complex system design, implementation, and technical decision-making
Track record of taking systems from design through production at scale, including multi-tenant SaaS
Security & Compliance
Hands-on experience building security-focused systems - Privileged Access Management, Identity Governance, Authentication, Secrets Management, or adjacent domains
Required knowledge of FedRAMP, FIPS 140-3, and GovCloud (AWS GovCloud or Azure Government) - what they constrain, why, and how to design within them
Working knowledge of modern cryptography in practice: TLS/mTLS, KMS-backed key hierarchies, envelope encryption, HSM/key vault integration
Languages & Programming
Go strongly preferred as the platform's primary language; deep proficiency in at least one systems/services language (Go, Rust, C++, Java, or similar) is required
Polyglot capability - you can read, reason about, and contribute across multiple languages, and you can defend language-choice decisions on technical merit
Frontend literacy in TypeScript/React is a plus
Architecture & Infrastructure
Solid hands-on Kubernetes experience - EKS or equivalent, Helm, manifests, operators, day-2 operations. Not "I used kubectl apply once."
Cloud platform proficiency on AWS or Azure; multi-cloud experience is a plus Microservices and API design: REST, gRPC/Protobuf, and the trade-offs between them
Experience with event-driven architectures (message buses, async workflows) - you know when to reach for them and when not to
Workflow orchestration experience (Temporal or similar) is a plus
Relational database design at scale - PostgreSQL preferred; schema-per-tenant or comparable isolation patterns a plus
Engineering Practice
Strong testing discipline: unit, integration, end-to-end, and property-based testing
Infrastructure as Code: Terraform, Helm; GitOps (ArgoCD) a plus
CI/CD pipeline design and ownership - GitLab, GitHub Actions, Jenkins, CloudBees, or equivalent
Observability: OpenTelemetry, structured logging, metrics, tracing
Containerization: Docker multi-stage builds, distroless/minimal runtimes
AI-Driven Development
Active, deliberate use of AI coding tools (Claude Code, Cursor, Copilot, or comparable) as part of your daily workflow - beyond autocomplete
Comfort working in a spec-driven, agent-assisted development model with mandatory verification gates; AiDLC will be our SDLC, and we expect candidates to embrace and help refine it
Critical-review instincts: you don't ship AI-generated code without reading it, testing it, and understanding it
Leadership
Demonstrated experience mentoring engineers and leading technical initiatives across distributed teams
Strong written and verbal communication - you can write a clear design doc, a clear PR description, and a clear engineering contract for an AI agent
Comfortable operating in a globally distributed organization (US + India), Bachelor's or Master's degree in Computer Science, a related technical discipline, or equivalent professional experience Excellent facilitation and consensus-building skills across engineering, product, and security stakeholders Demonstrated initiative and ability to prioritize independently in a fast-moving environment
Benefits & conditions
We offer you a competitive total rewards package, learning and tremendous opportunities to grow and advance in your career. At Saviynt, it is not typical for an individual to be hired at or near the top of the range for their role and final compensation decisions are dependent on many factors including, but are not limited to location; skill sets; experience and training; licensure and certifications; and other relevant business and organizational needs. A reasonable estimate of the current range is $160,000 - $250,000 annually. You may also be eligible to participate in a Saviynt discretionary bonus plan, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. If required for this role, you will: Complete security & privacy literacy and awareness training during onboarding and annually thereafter Review (initially and annually thereafter), understand, and adhere to Information Security/Privacy Policies and Procedures such as (but not limited to):
Data Classification, Retention & Handling Policy Incident Response Policy/Procedures Business Continuity/Disaster Recovery Policy/Procedures