India Remote (Global) Full-time

HighLevel is hiring a Staff Backend Engineer - Users

Responsibilities

  • Design and evolve secure multi-tenant architectures (Agency → Account → App or equivalent hierarchy) for 100k+ agencies
  • Define and enforce tenant isolation guarantees at data, API, and infra levels
  • Build and review authorization models (RBAC / ABAC / hybrid)
  • Own token systems (API keys, OAuth flows, JWTs, scoped tokens, rotation, expiry)
  • Design fine-grained scopes for internal APIs, public APIs, and partner integrations
  • Map scopes → permissions → resources consistently
  • Prevent over-scoped tokens and privilege escalation
  • Lead security-critical backend designs (authZ boundaries, impersonation, auditability)
  • Set patterns for secure-by-default APIs used by internal and external teams
  • Partner with Infra/Security teams on Secrets management, Key rotation, Rate limiting & abuse prevention, Compliance readiness (SOC2 style thinking)
  • Act as a multiplier: raise the security bar across engineering via reviews, RFCs, and mentoring

Requirements

  • 8+ years of backend engineering experience
  • Proven experience building secure, multi-tenant SaaS platforms
  • Deep understanding of: Authorization models (RBAC, ABAC), OAuth2 / JWT / API key systems, Threat modeling & security tradeoffs
  • Strong system design skills - especially for long-lived platforms
  • Comfort owning ambiguous, high-impact areas

Nice to Have

  • Experience designing platforms used by multiple internal teams
  • Security reviews, incident learnings, or compliance exposure
  • Experience with large-scale migrations (auth or identity related)
  • Background in developer platforms or core infrastructure teams

Work Arrangement

Remote (Worldwide)

About company
HighLevel
A software development company focused on SaaS solutions
All jobs at HighLevel Visit website
Job Details
Department Engineering – CRM & Automation
Category backend
Posted 6 months ago