[Remote] Principal Software Engineer
Note: The job is a remote job and is open to candidates in USA. FusionAuth is a fast-growing startup and leading provider of customer identity and access management (CIAM) software headquartered in Denver, Colorado. They are hiring a Principal Engineer to serve as a senior technical authority on customer identity, contributing to the architectural direction of the FusionAuth platform and guiding enterprise customers on integration design decisions. This hands-on role involves writing production code, reviewing technical designs, and mentoring engineers while tracking industry trends to influence product roadmap decisions.ResponsibilitiesWrite, review, and own high-quality, secure production code on the FusionAuth core applicationProvide leadership for the platform’s architectural evolutionServe as a go-to expert on OAuth 2.x, OIDC, SCIM, and SAMLEngage directly with enterprise prospects and customers on architectural and integration design decisionsTrack where the identity industry is heading: passkeys/FIDO2, device authorization, DPoP, token binding, emerging OAuth and OIDC drafts, and the rapidly evolving intersection of AI and identityRepresent FusionAuth at industry conferences, working groups, and community eventsFactor FusionAuth’s diverse deployment targets into every architectural and feature decisionMentor engineers across the teamWork closely with Product Management, Solutions Engineering, and Customer Success on complex customer situations, roadmap decisions, and new feature designSkillsEducation: Bachelor's degree in Computer Science or equivalent demonstrable technical depthCIAM Protocol Depth: Production-grade expertise in OAuth 2.x, OIDC, SCIM, and SAML. The ability to identify subtle misimplementations, guide protocol-correct designs, and explain nuanced tradeoffsExperience: 12+ years of professional software engineering, including 5+ years focused on identity, authentication, or security, with meaningful time at the principal, staff, or architect levelHands-On Development: Proven track record of shipping code alongside architectural responsibilities. Not an architect who stopped codingDistributed Systems: Experience with enterprise-grade, highly available, high-performance distributed systemsDeployment Architecture: Experience designing or supporting software deployed across self-hosted, on-premise, or dedicated cloud environments. Understanding of backward compatibility, upgrade paths, and performance tuning across customer-managed infrastructureCustomer-Facing Experience: Demonstrated ability to engage directly with enterprise customers and prospects on technical design and architectureDesign Review: Experience reviewing and approving technical designs in a formal or informal architecture review capacityEmerging Standards: Familiarity with emerging identity protocols and standards (FIDO2/passkeys, DPoP, token binding, OAuth 2.x drafts, etc.)AI Tooling: Willingness to adopt and use AI-assisted development tools (e.g., Claude Code, GitHub Copilot) as part of everyday workflowPragmatism: Appreciates first-principles thinking, but knows when to stop theorizing and start buildingCIAM Product Experience: Direct experience building or working within a CIAM product or identity platformOpen Source & Thought Leadership: History of contributing to open-source identity or security projects, or publishing technical writing on identity topicsAI-Native Development Practices: Experience leading or supporting an engineering team's transition to AI-native development workflows. FusionAuth is actively standardizing on AI-native tooling across the SDLC, and this role will help shape that adoptionSecurity & Compliance: Familiarity with compliance frameworks (SOC 2, FedRAMP, GDPR) and their impact on architectural decisions around data residency, encryption, and audit loggingDatabase Expertise: Experience with PostgreSQL or MySQL at scale, including schema evolution strategy, query performance tuning, and data migration planning for a self-hosted productJava Proficiency: Strong Java skills. FusionAuth's core application is Java-basedCommunication Style: Strong communicator who holds strong technical opinions while remaining open to other perspectivesBenefitsComprehensive health insurance including medical, dental, and vision coverage, with the company covering the majority of your medical premiums to keep your costs lowFully employer-paid High Deductible Health Plan (HDHP) option paired with a Health Savings Account (HSA), including employer contributionsBasic life insurance and short- and long-term disability coverage fully paid by the company for essential financial protectionVoluntary life insurance options to provide additional financial protection for you and your loved onesHealthcare and Dependent Care Flexible Spending Accounts (FSAs) to save pre-tax dollars on eligible expenses401(k) plan with company match to help you save for retirementGenerous paid time off (PTO) plus paid company holidays to support work-life balanceEmployee Assistance Program (EAP) offering confidential counseling and support servicesProfessional growth and development opportunities to boost your career journeyEligibility for performance-based bonuses or variable compensation tied to individual, team, or company resultsNewly upgraded amenity spaces including a sleek tenant lounge and café with booth seating and collaborative workspaces.Access to a fitness studio, showers, lockers, and secure bike storage.Regularly stocked in-suite kitchen with a variety of snacks and beverages to keep you fueled throughout the day.Onsite café offering chef-driven menus with fresh, locally sourced, organic, and non-GMO options to suit diverse dietary needs. Easy ordering via app.3-acres of green space, including communal parks and picnic areas, connected to miles of jogging, biking, and recreation trails.Yoga in the circle and wellness programs to enhance work-life balance.Dedicated outdoor workspaces and patio gathering areas.Ample on-site parking, easy freeway access, and high-speed fiber internet.Sustainability-minded campus and community initiatives, including support for regenerative agriculture programs.Company OverviewFusionAuth provides secure, complete and affordable customer identity & access management. It was founded in 2018, and is headquartered in Broomfield, Colorado, USA, with a workforce of 51-200 employees. Its website is https://fusionauth.io.