Staff Software Engineer

Job not on LinkedIn

🔥 0 minutes ago

⛷️ Utah – Remote

⛷️ Utah – Remote

⏰ Full Time

🔴 Lead

🧑‍💻 Full-stack Engineer

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

CGWS - COME GROW WITH US

WebsiteLinkedInAll Job Openings

1 - 10 employees

Founded 2022

🤝 B2B

👥 B2C

🌍 Social Impact

B2B • B2C • Social Impact

CGWS - COME GROW WITH US is a platform that aims to facilitate connections and sharing among individuals in their personal and professional lives. It provides tools for users to create and manage their online presence, allowing them to engage with communities, brands, and businesses. The platform also includes various services for advertising and social interactions.

📋 Description

• Drive the architecture and delivery of a new permission service — from first design doc to production, including data model, policy evaluation engine, enforcement APIs, and token contract • Define BambooHR's AuthN/AuthZ standards — the patterns for authentication flows, token issuance, scoped authorization, and role/attribute-based access control that product teams rely on • Design the API contract for the permission service: how callers request access decisions, how policies are defined, and how enforcement is decoupled from individual product domains • Drive token strategy — JWT issuance, rotation, scoping, revocation, and the relationship between tokens and permissions across both human and machine (API/agent) callers • Partner with product and platform teams to translate domain-specific access control requirements into reusable permission primitives that scale across the organization • Lead architectural reviews for features with AuthN/AuthZ implications; catch design debt before it ships • Collaborate with Security and Compliance to ensure the permission service meets audit, least-privilege, and zero-trust requirements • Set the technical bar for the Token Titans team: mentor engineers, lead RFCs, and ensure implementation quality matches architectural intent

🎯 Requirements

• 10+ years of software engineering experience, with at least 3 years operating at Staff or Principal level • Deep expertise in identity and access management — authentication protocols (OAuth 2.0, OIDC, SAML), authorization models (RBAC, ABAC, ReBAC), and token lifecycle management (JWTs, opaque tokens, refresh/rotation strategies) • Demonstrated experience designing and building AuthN/AuthZ systems at scale — not just integrating with them, but owning the architecture that others build on • Strong instincts for policy-as-code, permission modeling, and how to express complex access rules as a clean, evolvable data model • Experience designing or reviewing OpenAPI specifications, event-driven architectures, and cross-service communication patterns in a service-oriented or microservice environment • Strong backend engineering fundamentals; comfort working in a PHP monolith with modern architectural patterns • Proven ability to drive org-wide architectural decisions — writing RFCs, leading reviews, building consensus across teams with competing priorities • Excellent communication skills: precise written specs, verbal presentations to engineering leadership, and the ability to explain tradeoffs in identity and security without losing the room.

🏖️ Benefits

• Comprehensive health, life, and disability insurance • Generous leave policies that include 4 weeks of vacation, 12 company holidays, parental leave, and volunteer time off so you can enjoy quality of life • 401k plans with up to 6% company match • $2000 Paid-Paid Vacation bonus • EAP through Headspace • Check out all our benefits that benefit you