Staff Software Engineer - Wallet/Authentication Platform

ID.me is the next-generation digital identity wallet that simplifies how individuals securely prove their identity online. Consumers can verify their identity with ID.me once and seamlessly login across websites without having to create a new login and verify their identity again. Over 152 million users experience streamlined login and identity verification with ID.me at 20 federal agencies, 45 state government agencies, and 70+ healthcare organizations. More than 600+ consumer brands use ID.me to verify communities and user segments to honor service and build more authentic relationships. ID.me’s technology meets the federal standards for consumer authentication set by the Commerce Department and is approved as a NIST 800-63-3 IAL2 / AAL2 credential service provider by the Kantara Initiative. ID.me is committed to “No Identity Left Behind” to enable all people to have a secure digital identity. To learn more, visit https://network.id.me/.

ID.me is seeking a Staff Software Engineer to join the Wallet/Authentication Platform team, where we build and operate the core sign-in, registration, MFA, and account management infrastructure that over 140 million members rely on to access the ID.me identity wallet.

Authentication is the front door to ID.me. Every member's journey begins with creating, signing into, or managing their Wallet. Our platform owns sign-in, registration, MFA, account recovery, password reset, and MyWallet, enabling verified identity across 20 federal agencies, 44 state governments, 66 healthcare organizations, and hundreds of consumer brands.

As a Staff Software Engineer, you will set technical direction for the authentication platform, drive cross-team architectural decisions, and serve as a force multiplier for the engineers around you. You bring deep expertise in identity, security, and distributed systems — and you use it to raise the bar for the entire team. Your work shapes how millions of people prove and access who they are online.

This position will work from our Mountain View, CA office five days per week.

• →Technical Leadership & Vision: Define and drive the technical roadmap for authentication platform services, identifying systemic challenges, architectural risks, and strategic opportunities. Author architecture proposals, lead design reviews, and own critical technical decisions across the team.
• →Cross-Team Influence: Partner with Platform, Security, Identity, Product, and adjacent engineering teams to align on authentication standards, shared infrastructure, and cross-cutting concerns. Represent the team's technical perspective in org-level planning and architectural forums.
• →Systems Design & Architecture: Lead end-to-end design and implementation of complex, high-impact authentication features — sign-in flows, MFA, federation, account lifecycle management — balancing security, scale, and developer ergonomics.
• →Security & Risk Engineering: Define the team's approach to auth security: threat modeling, credential protection, session management, abuse mitigation, and real-time risk signal integration. Champion security as a first-class engineering discipline across every feature the team ships.
• →Engineering Excellence: Set the standard for code quality, testing, observability, and incident response. Drive technical debt reduction and platform reliability improvements. Mentor senior and mid-level engineers through code reviews, design critiques, and pairing.
• →AI-Augmented Development: Model and champion AI-first engineering practices — leveraging tools like Claude Code and Cursor to accelerate design, implementation, and review cycles — and help the broader team adopt these workflows effectively.

• Bachelor's degree in Computer Science, Engineering, or a related field (or equivalent practical experience).
• 8+ years of professional software development experience, with demonstrated impact at a senior or staff level.
• 5+ years of experience in backend services engineering, with strong proficiency in Java and Spring Boot.
• 1+ years experience with AI-assisted development tooling (e.g., Claude Code, Cursor) with at least one year of daily use, and a demonstrated commitment to an AI-first engineering culture.

• Deep expertise in authentication and identity protocols: OAuth 2.0, OpenID Connect (OIDC), SAML 2.0, FIDO2/WebAuthn, and related standards.
• Proven ability to lead large-scale technical initiatives from design through production, including driving alignment across multiple teams and stakeholders.
• Experience designing, building, or operating an Identity Provider (IdP) or Identity and Access Management (IAM) platform at scale.
• Familiarity with government identity and security frameworks: NIST SP 800-63 (IAL/AAL), FedRAMP, or Kantara Initiative accreditation requirements.
• Experience with federation, SSO, and enterprise identity integration patterns (e.g., SCIM, XACML, LDAP/Active Directory).
• Strong background in auth security engineering: threat modeling, credential attack mitigation, account takeover prevention, rate limiting, and session security.
• Experience with React or modern frontend frameworks in the context of authentication UX.
• Track record of mentoring senior engineers and driving meaningful improvements to engineering culture and practices.
• Startup or high-growth company experience with a strong bias toward ownership and execution.

ID.me is the next-generation digital identity wallet that simplifies how individuals securely prove their identity online. Consumers can verify their identity with ID.me once and seamlessly log in across websites without needing to create a new login and re-verify. Over 140 million users experience streamlined login and identity verification with ID.me at 20 federal agencies, 44 state government agencies, and 66 healthcare organizations. More than 600 consumer brands use ID.me to verify communities and user segments to honor service and build more authentic relationships. ID.me's technology meets the federal standards for consumer authentication set by the Commerce Department and is approved as a NIST 800-63-3 IAL2 / AAL2 credential service provider by the Kantara Initiative. ID.me is committed to "No Identity Left Behind" to enable all people to have a secure digital identity.