Principal Software Engineer, Privileged Access Management

Principal Engineer — PAM Platform This role is on the PAM Platform team, building the next generation of PAM infrastructure that runs across multi‑tenant SaaS, customer‑managed deployments, and federal GovCloud environments. We are a distributed, AI‑first R&D organization, actively rolling out an AI‑Driven Development Lifecycle (AiDLC) as our SDLC of record. What You Will Be Doing Drive technical strategy and architecture across PAM platform components, including federal‑compliant deployment topologies Partner with Product and Engineering Management on requirements analysis, roadmap planning, and technical decision‑making Lead end‑to‑end design and delivery of new services from greenfield through production hardening Operate within and help shape our AiDLC workflow: living specs, AI‑generated implementations, property‑based and integration testing as blocking gates, and audit‑tracked human approvals Author and maintain the engineering contracts (CLAUDE.md, prompt libraries, agent skills, code standards) that govern how AI‑driven development happens on the platform Conduct deep code reviews on critical and security‑sensitive changes — including AI‑generated code Mentor senior, staff, and associate principal engineers; raise the technical bar across the team Debug, optimize, and refactor existing services as we evolve toward multi‑tenant, multi‑cloud, federal‑ready Serve as a technical expert for internal teams and, when needed, customer‑facing escalations What You Bring Experience 10+ years of software engineering experience with demonstrated ownership of complex system design, implementation, and technical decision‑making Track record of taking systems from design through production at scale, including multi‑tenant SaaS Security & Compliance Hands‑on experience building security‑focused systems — Privileged Access Management, Identity Governance, Authentication, Secrets Management, or adjacent domains Required knowledge of FedRAMP, FIPS 140‑3, and GovCloud (AWS GovCloud or Azure Government) — what they constrain, why, and how to design within them Working knowledge of modern cryptography in practice: TLS/mTLS, KMS‑backed key hierarchies, envelope encryption, HSM/key vault integration Languages & Programming Go strongly preferred as the platform’s primary language; deep proficiency in at least one systems/services language (Go, Rust, C++, Java, or similar) is required Polyglot capability — you can read, reason about, and contribute across multiple languages, and you can defend language‑choice decisions on technical merit Frontend literacy in TypeScript/React is a plus Architecture & Infrastructure Solid hands‑on Kubernetes experience — EKS or equivalent, Helm, manifests, operators, day‑2 operations. Not “I used kubectl apply once.” Cloud platform proficiency on AWS or Azure; multi‑cloud experience is a plus Microservices and API design: REST, gRPC/Protobuf, and the trade‑offs between them Experience with event‑driven architectures (message buses, async workflows) — you know when to reach for them and when not to Workflow orchestration experience (Temporal or similar) is a plus Relational database design at scale — PostgreSQL preferred; schema‑per‑tenant or comparable isolation patterns are a plus Engineering Practice Strong testing discipline: unit, integration, end‑to‑end, and property‑based testing Infrastructure as Code: Terraform, Helm; GitOps (ArgoCD) a plus CI/CD pipeline design and ownership — GitLab, GitHub Actions, Jenkins, CloudBees, or equivalent Observability: OpenTelemetry, structured logging, metrics, tracing Containerization: Docker multi‑stage builds, distroless/minimal runtimes AI-Driven Development Active, deliberate use of AI coding tools (Claude Code, Cursor, Copilot, or comparable) as part of your daily workflow — beyond autocomplete Comfort working in a spec‑driven, agent‑assisted development model with mandatory verification gates; AiDLC will be our SDLC, and we expect candidates to embrace and help refine it Critical‑review instincts: you don’t ship AI‑generated code without reading it, testing it, and understanding it Leadership Demonstrated experience mentoring engineers and leading technical initiatives across distributed teams Strong written and verbal communication — you can write a clear design doc, a clear PR description, and a clear engineering contract for an AI agent Comfortable operating in a globally distributed organization (US + India) Qualifications Bachelor’s or Master’s degree in Computer Science, a related technical discipline, or equivalent professional experience Excellent facilitation and consensus‑building skills across engineering, product, and security stakeholders Demonstrated initiative and ability to prioritize independently in a fast‑moving environment Compensation $160,000 - $250,000 a year. You may also be eligible to participate in a Saviynt discretionary bonus plan. Equal Opportunity Employer Saviynt is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. #J-18808-Ljbffr