Principal Software Engineer – Authentication & Access

Principal Software Engineer – Authentication & Access

Full-Time 70000 - 90000 £ / year (est.) No working from home possible
One Identity, LLC

At a Glance

  • Tasks: Lead the design and evolution of secure authentication systems across our platform.
  • Company: Join One Identity, a leader in identity management with a focus on innovation.
  • Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
  • Other info: Collaborative environment with a focus on modernising legacy systems and driving innovation.
  • Why this job: Make a significant impact on security-critical systems while mentoring future engineers.
  • Qualifications: 8+ years in software engineering with expertise in authentication protocols and backend development.

The predicted salary is between 70000 - 90000 £ per year.

One Identity's OneLogin is seeking a Principal Software Engineer to lead the architecture, correctness, and evolution of authentication and access systems across our platform. These systems are among the most security‑critical and failure‑sensitive areas of the product and require deep expertise in identity protocols, session management, and secure system design.

As a Principal Engineer, you will operate with broad technical ownership—defining standards, guiding implementation, and resolving systemic issues across authentication flows, authorization models, and session behaviour. You will work across teams to ensure that authentication systems are secure, reliable, and consistent, while evolving legacy implementations toward modern, scalable designs. This is a hands‑on role that includes system design, deep debugging of cross‑service behaviour, and driving modernization efforts in a complex distributed SaaS environment. You will also play a key role in mentoring engineers and raising the level of expertise in authentication and access across the organization.

Responsibilities

  • Own the correctness, security, and consistency of authentication and access systems across the platform.
  • Define and evolve authentication flows, authorization models, and session lifecycle patterns.
  • Ensure protocol correctness and consistency across protocols (SAML, OAuth 2.0, OpenID Connect, etc.).
  • Establish and drive adoption of consistent authentication and access patterns across teams, ensuring alignment with defined standards.
  • Design and validate secure, state‑machine‑driven authentication workflows.
  • Standardize handling of MFA, session behaviour, and authentication edge cases.
  • Identify and remediate legacy or inconsistent authentication implementations.
  • Improve resilience and secure failure handling across authentication flows.
  • Ensure consistent authentication and authorization behaviour across services, APIs, and user entry points.
  • Guide the evolution and modernization of authentication systems while maintaining backwards compatibility and correctness.

Ideal Experience:

  • Deep experience with authentication and identity protocols (SAML, OAuth 2.0, OpenID Connect, LDAP).
  • Strong understanding of session management, including lifecycle, invalidation, and behaviour across distributed systems.
  • Experience designing complex authentication flows and state‑machine‑driven workflows.
  • Strong security engineering fundamentals, including secure system design and failure handling.
  • Experience working with PKI, certificates, and secure communication patterns.
  • Experience debugging complex authentication and session issues across multiple services.
  • Experience remediating legacy or inconsistent authentication implementations.
  • Experience modernizing authentication systems using incremental migration approaches.
  • Strong ability to reason about correctness, edge cases, race conditions, and failure modes.
  • Experience working across teams to drive consistency and correctness in a critical domain.
  • Experience using AI tools to analyze flows, validate system behaviour, and identify inconsistencies at scale.

Qualifications

  • 8+ years of software engineering experience with ownership of critical production systems, including authentication and access services.
  • Strong backend development experience (Ruby, Node.js, or similar).
  • Experience building and operating authentication, authorization, and API‑based services in distributed environments.
  • Solid understanding of REST APIs, service contracts, and software design principles.
  • Experience building secure, reliable systems with strong testing practices across unit, integration, and service layers.
  • Strong ownership of code quality, validation, and handling complex scenarios.

Principal Software Engineer – Authentication & Access employer: One Identity, LLC

One Identity is an exceptional employer that fosters a collaborative and innovative work culture, perfect for those passionate about technology and identity management. Located in a dynamic environment, we offer competitive benefits, continuous learning opportunities, and the chance to mentor and grow alongside talented engineers, making it a rewarding place to advance your career in software engineering.

One Identity, LLC

Contact Details:

One Identity, LLC Recruitment Team

We think you need these skills to ace Principal Software Engineer – Authentication & Access

Authentication Protocols (SAML, OAuth 2.0, OpenID Connect, LDAP)
Session Management
Secure System Design
Failure Handling
Complex Authentication Flows
State-Machine-Driven Workflows
Public Key Infrastructure (PKI)