Nextiva

Java Staff Engineer (Platform / IAM & Administration)

On site

Canada

Full Time

28-09-2025

Skills

Leadership, Java, TypeScript, Data Governance, Monitoring, Architecture, Organization, React, AWS, Spring, GCP, Spring Boot, Kafka

Job Specifications

Redefine the future of customer experiences. One conversation at a time.

At Nextiva, we're reimagining how businesses connect, bringing together customer experience and team collaboration on a single, conversation-centric platform. Powered by AI, driven by human innovation.

Our culture is forward-thinking, customer-obsessed and built on the belief that meaningful connections drive better business outcomes. Whether it's through our signature Amazing Service®, the technology we create, or the experiences we cultivate, connection is at the core of who we are.

If you're ready to collaborate with incredible people, make an impact, and help businesses everywhere deliver truly amazing experiences, this is where you belong.

Build Amazing. Deliver Amazing. Live Amazing. Be Amazing.

As a Staff Engineer within the Nextiva Platform organization, focusing on Identity and Access Management (IAM) and platform data access, you will lead initiatives that ensure secure, compliant, and seamless access to critical systems and data across our SaaS offerings. You will design and evolve scalable IAM solutions and enforce data governance best practices that are integral to customer trust, platform integrity, and internal operations.

The ideal candidate will be a technical leader with strong experience in IAM systems, authentication/authorization patterns, data access governance, and distributed platform architecture. Your role will include shaping the strategy and implementation of robust user access models, service identity, permissioning infrastructure, and compliance-driven controls at scale.

Responsibilities

Lead the design and development of secure, scalable IAM and access control mechanisms, including role-based access control (RBAC), attribute-based access control (ABAC), and fine-grained permissions systems
Improve and maintain centralized authentication and authorization services (e.g., OAuth2, OIDC, SAML, SCIM integrations)
Ensure secure-by-design principles are embedded across platform services and APIs with a focus on access patterns, identity federation, token lifecycle management, and user provisioning
Drive architecture and code-level decisions to mitigate identity risks, reduce complexity, and improve the developer experience around secure access patterns
Contribute to operational systems that support auditing, anomaly detection, access reviews, and governance reporting
Be involved in every stage of the project - from ideation and system design to delivering products and features in a timely manner
Build robust, scalable, and maintainable software
Improve code quality through writing unit tests, automation, and code reviews
Apply and advocate for team coding, documenting and testing standards
Lead code reviews and communicate application changes
Provide technical leadership, mentorship and guidance to engineers on the team
Collaborate closely with internal teams as well as stakeholders
Implement and influence business and operational systems that support billing and usage monitoring needs

Basic Qualifications

8-10+ years of experience building large-scale, secure SaaS platforms, with a strong focus on IAM, access management, and distributed systems.

Deep proficiency in Java, Spring Boot, and designing stateless backend services that integrate with identity providers (IdPs) and security frameworks
Experience implementing authentication protocols (OAuth 2.0, OIDC, SAML), and designing systems that support single sign-on (SSO), multi-factor authentication (MFA), and Just-In-Time (JIT) provisioning
Familiarity with access governance tools, secrets management, and key management systems
Hands-on experience with Kafka for distributed messaging and event-driven pipelines (e.g., audit logs, user session lifecycle, policy updates)
Expertise with cloud infrastructure platforms (AWS/GCP) and IAM-related services such as IAM roles/policies, STS tokens, and cross-account identity
Solid understanding of data privacy and regulatory compliance standards (e.g., SOC 2, GDPR, HIPAA) as they relate to access and identity

Preferred Skills

Experience building or integrating with IAM platforms (e.g., Okta, Auth0, ForgeRock, Keycloak)
Knowledge of fine-grained data access control, masking policies, and dynamic authorization patterns at the data layer
Experience developing or integrating policy-as-code solutions (e.g., OPA, Cedar, Rego)
Familiarity with front-end identity contexts and modern frameworks like React and TypeScript for secure session and role propagation
Deep understanding of zero trust architecture principles and secure service-to-service authentication

Additional Qualities To Have

Demonstrated ownership of complex, cross-functional IAM and security initiatives.
Ability to abstract technical complexity into platform capabilities for use by product teams.
Strategic mindset with the ability to anticipate and assess risks before they emerge.
Effective communicator, mentor, and partner to engineers and stakeholders.

About the Company

Build amazing customer experiences with Nextiva's AI-powered platform. Nextiva powers 100,000+ businesses and billions of interactions annually with its customer experience platform. From one AI-powered conversation hub, Nextiva transforms how businesses engage with their customers. The company's commitment to Amazing Service® and a customer-focused approach has been its cornerstone. Established in 2008 and headquartered in Scottsdale, Arizona, Nextiva secured $200M from Goldman Sachs Asset Management in its initial fundi...