[Remote] Principal Software Engineer

Note: The job is a remote job and is open to candidates in USA. FusionAuth is a fast-growing startup and leading provider of customer identity and access management (CIAM) software headquartered in Denver, Colorado. They are hiring a Principal Engineer to serve as a senior technical authority on customer identity, contributing to the architectural direction of the FusionAuth platform and guiding enterprise customers on integration design decisions. This hands-on role involves writing production code, reviewing technical designs, and mentoring engineers while tracking industry trends to influence product roadmap decisions.

Responsibilities

• Write, review, and own high-quality, secure production code on the FusionAuth core application
• Provide leadership for the platform’s architectural evolution
• Serve as a go-to expert on OAuth 2.x, OIDC, SCIM, and SAML
• Engage directly with enterprise prospects and customers on architectural and integration design decisions
• Track where the identity industry is heading: passkeys/FIDO2, device authorization, DPoP, token binding, emerging OAuth and OIDC drafts, and the rapidly evolving intersection of AI and identity
• Represent FusionAuth at industry conferences, working groups, and community events
• Factor FusionAuth’s diverse deployment targets into every architectural and feature decision
• Mentor engineers across the team
• Work closely with Product Management, Solutions Engineering, and Customer Success on complex customer situations, roadmap decisions, and new feature design

Skills

• Education: Bachelor's degree in Computer Science or equivalent demonstrable technical depth
• CIAM Protocol Depth: Production-grade expertise in OAuth 2.x, OIDC, SCIM, and SAML. The ability to identify subtle misimplementations, guide protocol-correct designs, and explain nuanced tradeoffs
• Experience: 12+ years of professional software engineering, including 5+ years focused on identity, authentication, or security, with meaningful time at the principal, staff, or architect level
• Hands-On Development: Proven track record of shipping code alongside architectural responsibilities. Not an architect who stopped coding
• Distributed Systems: Experience with enterprise-grade, highly available, high-performance distributed systems
• Deployment Architecture: Experience designing or supporting software deployed across self-hosted, on-premise, or dedicated cloud environments. Understanding of backward compatibility, upgrade paths, and performance tuning across customer-managed infrastructure
• Customer-Facing Experience: Demonstrated ability to engage directly with enterprise customers and prospects on technical design and architecture
• Design Review: Experience reviewing and approving technical designs in a formal or informal architecture review capacity
• Emerging Standards: Familiarity with emerging identity protocols and standards (FIDO2/passkeys, DPoP, token binding, OAuth 2.x drafts, etc.)
• AI Tooling: Willingness to adopt and use AI-assisted development tools (e.g., Claude Code, GitHub Copilot) as part of everyday workflow
• Pragmatism: Appreciates first-principles thinking, but knows when to stop theorizing and start building
• CIAM Product Experience: Direct experience building or working within a CIAM product or identity platform
• Open Source & Thought Leadership: History of contributing to open-source identity or security projects, or publishing technical writing on identity topics
• AI-Native Development Practices: Experience leading or supporting an engineering team's transition to AI-native development workflows. FusionAuth is actively standardizing on AI-native tooling across the SDLC, and this role will help shape that adoption
• Security & Compliance: Familiarity with compliance frameworks (SOC 2, FedRAMP, GDPR) and their impact on architectural decisions around data residency, encryption, and audit logging
• Database Expertise: Experience with PostgreSQL or MySQL at scale, including schema evolution strategy, query performance tuning, and data migration planning for a self-hosted product
• Java Proficiency: Strong Java skills. FusionAuth's core application is Java-based
• Communication Style: Strong communicator who holds strong technical opinions while remaining open to other perspectives

Benefits

• Comprehensive health insurance including medical, dental, and vision coverage, with the company covering the majority of your medical premiums to keep your costs low
• Fully employer-paid High Deductible Health Plan (HDHP) option paired with a Health Savings Account (HSA), including employer contributions
• Basic life insurance and short- and long-term disability coverage fully paid by the company for essential financial protection
• Voluntary life insurance options to provide additional financial protection for you and your loved ones
• Healthcare and Dependent Care Flexible Spending Accounts (FSAs) to save pre-tax dollars on eligible expenses
• 401(k) plan with company match to help you save for retirement
• Generous paid time off (PTO) plus paid company holidays to support work-life balance
• Employee Assistance Program (EAP) offering confidential counseling and support services
• Professional growth and development opportunities to boost your career journey
• Eligibility for performance-based bonuses or variable compensation tied to individual, team, or company results
• Newly upgraded amenity spaces including a sleek tenant lounge and café with booth seating and collaborative workspaces.
• Access to a fitness studio, showers, lockers, and secure bike storage.
• Regularly stocked in-suite kitchen with a variety of snacks and beverages to keep you fueled throughout the day.
• Onsite café offering chef-driven menus with fresh, locally sourced, organic, and non-GMO options to suit diverse dietary needs. Easy ordering via app.
• 3-acres of green space, including communal parks and picnic areas, connected to miles of jogging, biking, and recreation trails.
• Yoga in the circle and wellness programs to enhance work-life balance.
• Dedicated outdoor workspaces and patio gathering areas.
• Ample on-site parking, easy freeway access, and high-speed fiber internet.
• Sustainability-minded campus and community initiatives, including support for regenerative agriculture programs.

Company Overview