×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Software Architect Cloud Engineer - Software DevOps

Principal CIAM Engineer - Lead Platform Architecture; Hybrid

Job in Denver, Denver County, Colorado, 80285, USA
Listing for: FusionAuth
Full Time position
Listed on 2026-05-29
Job specializations:
  • Software Development
    Software Architect, Cloud Engineer - Software, DevOps
Job Description & How to Apply Below
Position: Principal CIAM Engineer - Lead Platform Architecture (Hybrid)

Job Title:

Principal Engineer

Location:

Denver, CO preferred (Hybrid) | Open to remote with quarterly travel

About Fusion Auth

Fusion Auth is a fast‑growing startup and leading provider of customer identity and access management (CIAM) software headquartered in Denver, Colorado. Our mission is to make authentication and authorization simple and secure for every developer. The product helps businesses securely manage customer identities and access, ensuring a seamless and safe user experience for some of the largest brands in the world.

Fusion Auth is expanding its engineering team to accelerate growth and take the product to the next level.

Responsibilities
  • Development:
    Write, review, and own high‑quality, secure production code on the Fusion Auth core application. This is a hands‑on technical leadership role.
  • Architecture:
    Provide leadership for the platform’s architectural evolution. Draft and review Technical Design Documents (TDDs) to ensure designs meet scalability, security, and quality standards.
  • CIAM Protocol Expertise:
    Serve as a go‑to expert on OAuth 2.x, OIDC, SCIM, and SAML, guiding protocol‑correct implementation across the product and answering hard protocol questions from engineering, support, solutions engineering, and customers.
  • Customer Engagement:
    Engage directly with enterprise prospects and customers on architectural and integration design decisions. Translate complex CIAM concepts clearly for both technical and semi‑technical audiences.
  • Industry & Technology Leadership:
    Track industry trends such as passkeys/FIDO2, device authorization, DPoP, token binding, emerging OAuth and OIDC drafts, and AI‑identity intersections. Provide well‑reasoned perspectives on what Fusion Auth should build, adopt, or avoid. Partner with Product Management to translate insights into roadmap decisions.
  • Industry Representation:
    Represent Fusion Auth at industry conferences, working groups, and community events to build the company’s technical credibility.
  • Deployment & Compatibility:
    Incorporate Fusion Auth’s diverse deployment targets into every architectural and feature decision. Ensure backward compatibility, API versioning integrity, upgrade paths, and a sound schema migration strategy.
  • Team Development:
    Mentor engineers across the team. Raise CIAM knowledge through code reviews, design discussions, architectural sessions, and informal knowledge sharing.
  • Cross‑Functional

    Collaboration:

    Work closely with Product Management, Solutions Engineering, and Customer Success on complex customer situations, roadmap decisions, and new feature design.
Qualifications Required
  • Education:

    Bachelor’s degree in Computer Science or equivalent demonstrable technical depth.
  • CIAM Protocol Depth:
    Production‑grade expertise in OAuth 2.x, OIDC, SCIM, and SAML, with the ability to identify subtle misimplementations and explain nuanced tradeoffs.
  • Experience:

    12+ years of professional software engineering, including 5+ years focused on identity, authentication, or security, with meaningful time at the principal, staff, or architect level.
  • Hands‑On Development:
    Proven track record of shipping code alongside architectural responsibilities; not an architect who stopped coding.
  • Distributed Systems:
    Experience with enterprise‑grade, highly available, high‑performance distributed systems.
  • Deployment Architecture:
    Experience designing or supporting software deployed across self‑hosted, on‑premise, or dedicated cloud environments, with understanding of backward compatibility, upgrade paths, and performance tuning across customer‑managed infrastructure.
  • Customer‑Facing

    Experience:

    Demonstrated ability to engage directly with enterprise customers and prospects on technical design and architecture.
  • Design Review:
    Experience reviewing and approving technical designs in a formal or informal architecture review capacity.
  • Emerging Standards:
    Familiarity with emerging identity protocols and standards such as FIDO2/passkeys, DPoP, token binding, OAuth 2.x drafts.
  • AI Tooling:
    Willingness to adopt and use AI‑assisted development tools as part of everyday workflow.
  • Pragmatism:
    Appreciates first‑principles thinking but knows when to stop theorizing and start…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search