Software Engineer - IAM

As a Software Engineer on the Professional Archive Identity & Access Management (IAM) team, you’ll design and build systems that ensure secure, reliable access to our platform. This is a new and growing team focused on protecting users, services, and data through modern authentication and authorization solutions.
In this role, you’ll help deliver secure and seamless access across a complex ecosystem of internal and customer-facing applications. Your work will directly support our clients’ compliance needs by ensuring strong identity controls, auditability, and system integrity.
You’ll collaborate with cross-functional partners across Product Management, Engineering, and Site Reliability to build scalable, secure, and high-performing systems. We’re looking for someone who is curious, collaborative, and motivated to contribute to meaningful security-focused engineering work.

As a Software Engineer on the Professional Archive Identity & Access Management (IAM) team, you’ll design and build systems that ensure secure, reliable access to our platform. This is a new and growing team focused on protecting users, services, and data through modern authentication and authorization solutions.
In this role, you’ll help deliver secure and seamless access across a complex ecosystem of internal and customer-facing applications. Your work will directly support our clients’ compliance needs by ensuring strong identity controls, auditability, and system integrity.
You’ll collaborate with cross-functional partners across Product Management, Engineering, and Site Reliability to build scalable, secure, and high-performing systems. We’re looking for someone who is curious, collaborative, and motivated to contribute to meaningful security-focused engineering work.

How will you contribute?

• Support and empower your team by contributing to a collaborative, inclusive, and respectful work environment

• Partner with engineers and stakeholders to design and deliver scalable IAM solutions

• Participate in a shared on-call rotation to support system reliability and incident response with a focus on learning and prevention

• Build and maintain authentication and authorization systems using standards such as OAuth 2.0 and OpenID Connect (OIDC)

• Integrate and support single sign-on (SSO) solutions using SAML and OIDC across multiple systems

• Develop and maintain services that integrate with IAM platforms (e.g., Okta, Ping, Auth0, Keycloak, or similar

• Manage identity data and directory services, including schema updates and synchronization processes

• Design secure APIs and implement fine-grained access control using scopes, roles, and claims

• Ensure identity workflows meet security and compliance requirements, including logging and auditability

• Apply modern engineering practices, including Agile methodologies, CI/CD pipelines, and DevOps principles

• Review code, identify areas for improvement, and help reduce technical debt

• Troubleshoot and resolve production issues to maintain high availability and reliability

• Stay current with evolving security, identity, and access management technologies

• Monitor system health and performance using tools such as Splunk, Datadog, and Grafana

What will you bring?

We’re looking for someone who enjoys working collaboratively, values continuous learning, and communicates openly and respectfully. You support teammates, share knowledge, and contribute to a positive and inclusive team culture.

•

• Experience working in a modern private cloud-based environment

• Exposure to identity and access management concepts, including authentication and authorization

• Familiarity with industry standards such as OAuth 2.0, OpenID Connect (OIDC), or SAML

• Experience building or supporting backend services (e.g., Java, Python, or similar languages)

• Understanding of secure system design and best practices for protecting applications and data

• A collaborative mindset, with openness to feedback and different perspectives

• Understanding of modern software development practices and Agile methodologies

• Ability to communicate technical concepts, progress, and challenges clearly

• Comfort working in evolving environments where requirements may change over time

• A proactive approach to problem-solving and continuous improvement ownership

• Ownership

Preferred qualifications

• Around 4+ years of experience in software engineering, ideally with exposure to IAM systems

• Hands-on experience with OAuth 2.0, OIDC, and/or SAML implementations

• Experience working with directory services (e.g., Active Directory) through LDAP

• Experience configuring or troubleshooting SSO and multi-factor authentication (MFA) workflows

• Familiarity with SCIM for automated provisioning

• Knowledge of Zero Trust architecture principles

• Experience deploying and managing applications in Kubernetes

• Contributions to open-source projects or participation in technical communities

• The ProArchive Application Development team embraces an AI-first mindset, continuously elevating developer productivity through tools like GitHub Copilot, Windsurf, and Claude Code. We’re seeking developers who are passionate about advancing their AI-assisted development skills and leveraging them to deliver innovative, high-impact solutions for Smarsh customers.

What do we offer?

• Healthcare insurance: We provide medical, dental, and vision insurance, and a flexible spending account that allows you to set aside pre-tax dollars to pay for eligible out-of-pocket expenses.

• Stock options.

• Personal time off: A healthy work-life balance is critical to your success at the office. Smarsh offers a “take-what-you-need” time off policy as well as flexible work arrangements.

• 401K Match: Smarsh provides a 4% 401K match for which employees are fully vested on day one.

• Sabbatical: The Smarsh sabbatical programme provides a time to recharge, study or simply do something you are passionate about away from the workplace. Employees are eligible after six years of service.

• Recognition: We’re big on kudos for a job well done. Our employee-recognition programme enables co-workers to nominate their peers who best embody our core values for recognition.

Don't meet every requirement? Apply anyway! We value diverse candidates and encourage applications, even if you don't perfectly match the job description. Studies have shown that some strong candidates may self-select out of the interview process prematurely, at Smarsh we encourage an inclusive, high-performing environment.

Smarsh is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Smarsh invites all qualified interested applicants to apply for career opportunities. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. Including frequency of functions