ABOUT US
Xsolla is a global commerce company with robust tools and services to help developers solve the inherent challenges of the video game industry. From indie to AAA, companies partner with Xsolla to help them fund, distribute, market, and monetize their games. Grounded in the belief in the future of video games, Xsolla is resolute in the mission to bring opportunities together, and continually make new resources available to creators. Headquartered and incorporated in Los Angeles, California, Xsolla operates as the merchant of record and has helped over 1,500+ game developers to reach more players and grow their businesses around the world. With more paths to profits and ways to win, developers have all the things needed to enjoy the game.
ABOUT YOU
Xsolla is seeking a Principal Engineer with deep expertise in Identity and Access Management (IAM) and Golang backend development to lead the evolution of our authentication and authorization stack — enabling developers and players to connect safely and effortlessly across the Xsolla ecosystem.
Responsibilities:
Architect and lead the design of Xsolla’s next-generation identity platform, supporting authentication, authorization, single sign-on (SSO), and account federation across internal and external services.
Develop high-performance Golang microservices that manage user identity, access tokens, and permission enforcement at global scale.
Collaborate closely with security, DevOps, and platform engineering teams to embed Zero Trust principles and standardize access governance across services.
Integrate modern IAM standards and protocols (OAuth2, OIDC, SAML, SCIM) to enhance developer experience and partner integrations.
Mentor and coach engineering teams on secure service design, identity best practices, and cross-service communication patterns.
Partner with product teams to ensure that identity-related features — such as player login, entitlement management, and account linking — are scalable, compliant, and user-friendly.
Define and enforce API and data security standards, supporting compliance initiatives such as GDPR, SOC 2, and ISO 27001.
Evaluate and integrate third-party IAM frameworks or open-source solutions (e.g., Keycloak, Auth0, ForgeRock) as part of Xsolla’s hybrid identity strategy.
Qualifications & Skills:
10+ years in backend or systems engineering, including 5+ years designing and implementing IAM or authentication services.
Expert-level skills in Golang, with experience building and scaling distributed, event-driven microservices.
Proven track record with identity federation, token management, and access control systems.
In-depth understanding of authentication and authorization standards (OAuth 2.0, OIDC, SAML, JWT, SCIM).
Solid grasp of security principles, encryption, key management, and secrets management systems (e.g., HashiCorp Vault, AWS KMS).
Experience building high-availability systems in Kubernetes-based environments using AWS, GCP, or Azure.
Strong architectural vision with the ability to influence cross-team design and technology direction.
Excellent communication and collaboration skills across distributed teams.
Nice to Have:
Experience building or contributing to identity systems for gaming or SaaS ecosystems.
Familiarity with multi-tenant architectures, RBAC/ABAC models, and policy-as-code (OPA, AuthZ frameworks).
Background in security engineering, DevSecOps, or compliance automation.
Contributions to open-source Golang or IAM projects.
