Staff Software Engineer, Identity & Access Management
About the role
As a Staff Software Engineer within our SPACE org (Security, Privacy, Assurance, and Corporate Engineering), you will play a critical role on the Identity & Access Management (IAM) team. Your responsibilities include designing, delivering, and supporting the lifecycle of digital identities, authentication, and access across Reddit. You will partner closely with cross-functional teams to build creative, scalable solutions that align with business priorities and strict regulatory standards.
Responsibilities
- Engineering & Integration: Develop, scale and maintain Reddit’s core IAM internal identity capabilities, platforms and infrastructure. Design and deploy high-quality API integrations and custom enterprise IGA connectivity solutions.
- Observability & Data Analytics: Build proactive monitoring frameworks, executive-friendly dashboards, and advanced alerting. Use synthetic transactions and anomaly detection to measure system availability (aiming for multiple 9s). Utilize identity data to track license utilization, aid in fiscal planning, and drive platform adoption.
- Process & Compliance: Create and maintain documentation, audit logs, and reports to continuously improve business processes and ensure seamless compliance execution.
- Operations & Support: Troubleshoot complex production incidents, analyze failure conditions, and perform root-cause analysis to support a 24x7 operation.
- Collaboration & Mentorship: Guide global, cross-functional partners on IAM best practices while raising the engineering bar through code reviews, technical standards, and optimized workflows.
Requirements
We are looking for someone with 10+ years of backend development experience across multiple layers of the stack—from databases and networking to efficient computing. In-depth knowledge of corporate IAM experience covering the full workforce identity lifecycle (Joiner, Mover, Leaver, Access Requests, and Certifications) is essential. Ability to design and implement complex distributed systems operating under high load is required. Proficiency in our core stack: Go, Python, Java, or TypeScript, with a strong DevOps mindset and end-to-end code ownership (testing, monitoring, deploying, and maintaining) is necessary. Deep understanding of modern authentication protocols (OAuth, OIDC, SAML) and secure-by-design principles is crucial. Hands-on familiarity with enterprise identity solutions including IGA, MFA, PAM / PIM, JIT and Directory architectures (e.g., Okta, LDAP, SailPoint) is expected.
Qualifications
A strong collaborative communicator thriving in Agile environments, with a continuous learning mindset and a resourceful, "can-do" approach to complex problem-solving is important. Familiarity with governance and compliance frameworks (SOC2, SOX, PCI), including driving audit-related access certification reviews, is beneficial. You should embody our company value of Evolve: you view challenges as learning opportunities and continuously seek to improve.
Skills
- Experience with modern authentication protocols (OAuth, OIDC, SAML)
- Knowledge of secure-by-design principles
- Familiarity with enterprise identity solutions including IGA, MFA, PAM / PIM, JIT and Directory architectures (e.g., Okta, LDAP, SailPoint)
- Strong collaboration and communication skills
- Continuous learning mindset and resourceful problem-solving approach
Benefits
- Comprehensive Healthcare Benefits and Income Replacement Programs
- 401k with Employer Match
- Global Benefit programs that fit your lifestyle, from workspace to professional development to caregiving support
- Family Planning Support
- Gender-Affirming Care
- Mental Health & Coaching Benefits
- Flexible Vacation & Paid Volunteer Time Off
- Generous Paid Parental Leave
Pay
The base salary range for this position is $217,000 - $303,900 USD. In select roles and locations, the interviews will be recorded, transcribed and summarized by artificial intelligence (AI).
Schedule
This role is full-time.