Back to Jobs
Toronto Remote (Global) Full-time USD 163,685 – 245,800 / year

Kong is hiring a Staff Software Engineer, Identity and Access Management

Responsibilities

  • Develop secure token management solutions featuring automatic refresh rotation, proof-of-possession mechanisms, and live revocation tracking.
  • Lead creation of a flexible claims engine that dynamically resolves attributes, injects context-aware data, and applies business rules during token generation.
  • Design worldwide identity systems with edge computing optimizations, smart caching, and multi-region replication to ensure ultra-low authentication delays.
  • Create protective controls such as adaptive rate limiting, anomaly detection, and anti-fraud systems to counter credential attacks and token misuse.
  • Implement enterprise federation features, including SAML bridging, chaining external identity providers, and building protocol adapters for legacy environments.
  • Guide developer experience strategy with tools like SDKs, event webhooks, detailed audit logs, and real-time dashboards for monitoring token activity.
  • Architect client registration platforms with automated credential renewal and policy enforcement through code-driven configurations.
  • Design a secure plugin framework enabling custom authorization flows, protocol extensions, and third-party integrations without compromising safety.
  • Lead compliance efforts for SOC 2, FedRAMP, and GDPR by implementing audit logging, data location controls, and privacy-first token architectures.
  • Drive integration with observability tools to support distributed tracing, performance metrics, and correlated security event analysis.
  • Provide technical mentorship on modern identity practices, including zero-trust models, workload identities, and service mesh authentication patterns.

Compensation

Competitive salary and equity package commensurate with experience

Work Arrangement

Hybrid or remote options available with regional considerations

Team

Part of the core identity platform team working across product, security, and infrastructure domains

Required Qualifications

  • 8+ years of software engineering experience with identity, security, or distributed systems
  • Deep knowledge of OAuth 2.0, OpenID Connect, SAML, and related standards
  • Proven experience building scalable authentication and authorization systems
  • Strong background in cloud-native architectures and microservices
  • Proficiency in Go, Lua, or similar systems programming languages
  • Experience with distributed data stores such as PostgreSQL, Redis, or Cassandra

Preferred Qualifications

  • Hands-on experience with API gateways or service mesh security
  • Familiarity with zero-trust security models and identity-first architectures
  • Contributions to open-source identity projects or protocols
  • Experience operating in SOC 2 or FedRAMP-compliant environments

What We Value

  • Ownership of complex technical challenges from design to production
  • Clear communication across engineering, product, and security teams
  • Commitment to code quality, security, and operational excellence
  • Mentorship and knowledge sharing within and across teams

Available for qualified candidates in select regions

About company
Kong
Kong Inc., a leading developer of API and AI connectivity technologies, is building the infrastructure that powers the agentic era. Kong's unified API and AI platform, Kong Konnect, enables organizations to secure, manage, accelerate, govern, and monetize the flow of intelligence across APIs and AI models.
All jobs at Kong Visit website
Job Details
Department R&D
Category backend
Posted 2 months ago