Role overview

Sr. Engineer, Fullstack, Identity Platform

Requirements and responsibilities

Readable role content extracted into sections for faster review.

About you

  • You’re an experienced fullstack or platform engineer who has built real-world authentication and authorization systems at scale. You’ve helped define or evolve IAM platforms—not just used them—through collaboration across engineering, product, and other stakeholders. You bring experience with OAuth, JWTs, token-based authentication, and service-to-service auth, and are comfortable working with modern permission models such as RBAC, ABAC, or relationship-based access control.
  • You think in platforms, not features. You’ve built shared systems other teams depend on, and understand how to design stable APIs, manage breaking changes, and maintain strong boundaries as systems scale. You have solid systems instincts and consistently consider security, scalability, and correctness in your designs.
  • You’re comfortable working across the stack. This is a fullstack role on a platform team—you’ll primarily build backend systems, but also contribute to developer-facing UIs and tooling when needed. You don’t need to be an expert in every layer, but you’re not blocked by any of them.
  • You move quickly and work well in ambiguity. You believe building enterprise-grade systems can be both fast and secure, and you use that mindset to ship working solutions early, using prototypes to drive alignment rather than waiting for perfect specs. You’re comfortable iterating, discarding work when needed, and treating it as part of the learning loop.
  • You use AI agents as a core part of your workflow, leveraging them to explore codebases, accelerate development, and prototype solutions quickly. You understand their limitations, continuously refine your approach, and help others on your team work more effectively with them.
  • You operate with strong ownership and communication. You take initiative, work transparently in an async environment, and keep stakeholders informed without being asked. You’re comfortable engaging directly with both internal engineering teams and enterprise customers, and you use written artifacts, prototypes, and demos to influence and drive clarity and alignment.

Things you'll do

  • Be a thought leader in the Identity domain, helping to set the vision for our platforms to enable Zapier’s engineering teams to move fast and securely
  • Partner with Product and Engineering leadership to define and implement Zapier’s Governance strategy. Evolve Zapier’s IAM platform to provide consistent, reliable controls for our largest Enterprise customers
  • Design and evolve authorization systems that power permissions, roles, policies, and access control across Zapier’s ecosystem
  • Build and scale OAuth and token infrastructure, including access tokens, refresh tokens, and scopes. Lead cross-team efforts to unify and simplify auth patterns across Zapier
  • Develop and maintain JWT infrastructure (signing, validation, key rotation) used across APIs and services
  • Define and implement service-to-service authentication patterns (client credentials, service identity, token propagation)
  • Improve and enforce authorization consistency across services through SDKs, middleware, and shared platform patterns
  • Partner with product and infrastructure teams to standardize access control models across the product
  • Drive platform-level decisions around security, performance, and scalability of access management systems
Similar roles

Keep a backup shortlist.

Browse roles
FocusEngineeringRole area
Seniority signalSeniorCandidate level
StackStack listed in descriptionPrimary skills
Location20 accepted countriesEligibility

Stack

Use these tags to compare similar remote roles.

Location eligibility

Candidates should apply only when their profile country is listed here.

Hiring flow

WithMira shows the role, then sends candidates to the company application.

1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.
Apply on company siteCompany siteOpen link