Skip to main content
TryApplyNow
Xsolla logo

Staff Software Engineer — Identity & Access Management

Xsolla
Full Timestaff
CAPosted Yesterday

Role Overview

Xsolla is hiring a Staff Software Engineer — Identity & Access Management. This is a full-time role in CA. Part of Xsolla's Lifecycle hiring, posted yesterday. Full responsibilities, required qualifications, and the apply link are listed in the description below.

Salary Context

Salary is not disclosed in this posting. Market median for Staff-level Lifecycle roles is $120k-$142k (based on 12 comparable listings). Many employers share specifics during the interview process or after an initial screen.

Resume Keywords to Include

Make sure these keywords appear in your resume to improve ATS scoring

GoSQLKubernetesPostgreSQLGitKafkaCI/CDOR

Job description

We're looking for a Staff Engineer to join our Identity & Access Management (IAM) platform team. This is an individual contributor role with outsized technical scope: you'll be the technical anchor for how Xsolla builds secure, high-scale auth infrastructure — setting direction, making hard architectural calls, and raising the bar across the org.

You will own the strategy behind authentication, authorization, and session management at scale, and evolve our OAuth 2.0 / OIDC flows and token lifecycle to meet both product and compliance needs. You operate with significant autonomy, but your decisions ripple across teams — so you'll spend real time building buy-in with engineering and security stakeholders, not just designing in isolation.

You are technically deep, calm under pressure, and comfortable being the escalation point when production IAM issues get hard. You write the RFCs and design docs that people actually read, and you create leverage for the broader engineering org through documentation, tooling, and mentorship — without needing a management title to do it.

Responsibilities

  • Own IAM Architecture & Strategy — Own the technical strategy and architecture of our IAM platform, covering authentication, authorization, and session management at scale.
  • Design Auth Protocols — Design and evolve our OAuth 2.0 / OIDC flows, token lifecycle, and security primitives to meet both product and compliance requirements.
  • Drive Cross-Team Technical Decisions — Drive decisions on protocol design, data modeling, and platform reliability, and build buy-in across engineering and security teams.
  • De-Risk Proactively — Identify systemic risks and performance bottlenecks; lead initiatives to resolve them before they become incidents.
  • Set Engineering Standards — Define engineering standards, review critical code and designs, and create leverage for the team through documentation, tooling, and mentorship.
  • Align with Stakeholders — Collaborate with product, security, and infra teams to align on roadmap and translate business needs into well-scoped technical plans.
  • Own Production Escalations — Serve as the go-to escalation point for complex production issues in the IAM domain.

Requirements

Identity & Security

  • OAuth 2.0 / OIDC Depth — Deep understanding of OAuth 2.0, OIDC, and related auth flows: authorization code + PKCE, client credentials, device flow, token introspection, refresh strategies.
  • Web Security Fundamentals — Solid grasp of cookie security, CSRF, XSS, token storage, TLS, and secure session management.
  • Production IAM Experience — Experience designing or operating production-grade IAM or auth systems.

Domain Context

  • Gaming Industry Experience — Experience working in the video game industry, building or operating platforms for game developers, publishers, or players.

Backend Engineering

  • Go Engineering — Strong Go (Golang) engineering skills: idiomatic code, concurrency patterns, performance profiling.
  • Distributed Systems — Experience with distributed systems and their trade-offs (consistency, availability, failure modes).

Data & Infrastructure

  • PostgreSQL — Schema design, query optimization, migrations at scale.
  • Kubernetes — Deploying, operating, and debugging services in a k8s environment.
  • Message Streaming — Kafka or NATS — event-driven patterns, consumer groups, at-least-once delivery.
  • Git & CI/CD — Git and modern CI/CD practices.

Leadership

  • Cross-Team Initiative Leadership — Proven ability to lead multi-quarter technical initiatives across teams.
  • Architectural Influence — Track record of influencing architecture and standards beyond your immediate team.
  • Written & Verbal Communication — You write RFCs and design docs that people actually read.

Nice to Have

  • Hands-on experience with the Ory ecosystem (Hydra, Kratos, Keto) — operating it in production or building on top of its APIs
  • Experience with CockroachDB or other distributed SQL databases (multi-region deployments, clock skew handling, survivability trade-offs)
  • Familiarity with compliance requirements relevant to IAM: SOC 2, ISO 27001, GDPR data minimization, audit logging
  • Contributions to open-source security or identity projects
  • Experience building or integrating with SCIM, SAML, or enterprise SSO (LDAP / Active Directory)
  • Background in platform or infrastructure engineering — building systems other engineers build on top of
  • Hands-on, up-to-date experience with modern AI tools (e.g. Claude, Copilot, Cursor) for code generation, review, and accelerating day-to-day engineering work

About Xsolla

Xsolla is a global commerce company with robust tools and services to help developers solve the inherent challenges of the video game industry. From indie to AAA, companies partner with Xsolla to help them fund, distribute, market, and monetize their games. Grounded in the belief in the future of video games, Xsolla is resolute in the mission to bring opportunities together, and continually make new resources available to creators. Headquartered and incorporated in Los Angeles, California, Xsolla operates as the merchant of record and has helped over 1,500+ game developers to reach more players and grow their businesses around the world. With more paths to profits and ways to win, developers have all the things needed to enjoy the game.

For more information, visit xsolla.com.

How We Work

Xsolla operates across multiple time zones, and the IAM platform underpins authentication and authorization for every product we ship. Strong written communication is essential — your architectural decisions and designs need to stand on their own and be actionable without you in the room.

We value directness, technical depth, and follow-through. If a design or production issue has real security or reliability implications, we expect you to say so clearly, defend your position with evidence, and stay engaged until it's resolved.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

About Xsolla

Xsolla logo

Xsolla

xsolla.com

LifecycleOn-site

2 other open roles at Xsolla on TryApplyNow.

Frequently Asked Questions

How do I apply for the Staff Software Engineer — Identity & Access Management position at Xsolla?

Use the Apply button above to submit your application directly to Xsolla. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.

Where is the Staff Software Engineer — Identity & Access Management position at Xsolla located?

This position is based in CA. Xsolla has not indicated remote or hybrid options for this role, so candidates should plan for on-site work.

What does a Staff Software Engineer — Identity & Access Management at Xsolla earn?

Xsolla has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.

When was the Staff Software Engineer — Identity & Access Management role at Xsolla posted?

This role was posted on June 30, 2026 (yesterday). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.

AI-powered job search

Get every job scored to your resume

Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.

Get started free

No credit card to start