As a Staff Engineer on the Users team, you'll enhance security and architecture for a multi-tenant SaaS platform, focusing on identity and access management.
About HighLevel:
HighLevel is an AI powered, all-in-one white-label sales & marketing platform that empowers agencies, entrepreneurs, and businesses to elevate their digital presence and drive growth. We are proud to support a global and growing community of over 2 million businesses, comprised of agencies, consultants, and businesses of all sizes and industries. HighLevel empowers users with all the tools needed to capture, nurture, and close new leads into repeat customers. As of mid 2025, HighLevel processes over 4 billion API hits and handles more than 2.5 billion message events every day. Our platform manages over 470 terabytes of data distributed across five databases, operates with a network of over 250 micro-services, and supports over 1 million hostnames.
Our People
With over 1,500 team members across 15+ countries, we operate in a global, remote-first environment. We are building more than software; we are building a global community rooted in creativity, collaboration, and impact. We take pride in cultivating a culture where innovation thrives, ideas are celebrated, and people come first, no matter where they call home.
Our Impact
As of mid 2025, our platform powers over 1.5 billion messages, helps generate over 200 million leads, and facilitates over 20 million conversations for the more than 2 million businesses we serve each month. Behind those numbers are real people growing their companies, connecting with customers, and making their mark - and we get to help make that happen.
Role Summary:
As a Staff Engineer on the Users team, you will be the technical anchor for identity, access, auditing, notifications and security foundations across our multi-tenant SaaS platform. This role is not about feature velocity - it’s about building systems that are correct, resilient, and safe by default, and enabling other teams to move fast without breaking trust.
You’ll work closely with EMs, Product, and other engineers to design and evolve core primitives such as users, roles, permissions, tokens, and tenant isolation, auditing, notifications - at scale.
Responsibilities:
- Design and evolve secure multi-tenant architectures (Agency → Account → App or equivalent hierarchy) for 100k+ agencies
- Define and enforce tenant isolation guarantees at data, API, and infra levels
- Build and review authorization models (RBAC / ABAC / hybrid)
- Own token systems (API keys, OAuth flows, JWTs, scoped tokens, rotation, expiry)
- Design fine-grained scopes for internal APIs, public APIs, and partner integrations
- Map scopes → permissions → resources consistently
- Prevent over-scoped tokens and privilege escalation
- Lead security-critical backend designs (authZ boundaries, impersonation, auditability)
- Set patterns for secure-by-default APIs used by internal and external teams
- Partner with Infra/Security teams on Secrets management, Key rotation, Rate limiting & abuse prevention, Compliance readiness (SOC2 style thinking)
- Act as a multiplier: raise the security bar across engineering via reviews, RFCs, and mentoring
Requirements:
- 8+ years of backend engineering experience
- Proven experience building secure, multi-tenant SaaS platforms
- Deep understanding of: Authorization models (RBAC, ABAC), OAuth2 / JWT / API key systems, Threat modeling & security tradeoffs
- Strong system design skills - especially for long-lived platformsComfort owning ambiguous, high-impact areas
Nice to have:
- Experience designing platforms used by multiple internal teams
- Security reviews, incident learnings, or compliance exposure
- Experience with large-scale migrations (auth or identity related)
- Background in developer platforms or core infrastructure teams
EEO Statement:
The company is an Equal Opportunity Employer. As an employer subject to affirmative action regulations, we invite you to voluntarily provide the following demographic information. This information is used solely for compliance with government recordkeeping, reporting, and other legal requirements. Providing this information is voluntary and refusal to do so will not affect your application status. This data will be kept separate from your application and will not be used in the hiring decision.
#LI-Remote #LI-NJ1
Top Skills
Api Key Systems
Jwt
Oauth
Similar Jobs
Fintech • Professional Services • Consulting • Energy • Financial Services • Cybersecurity • Generative AI
Lead complex digital transformation projects focusing on mobile banking. Engage senior stakeholders, manage risks, and ensure delivery within Agile frameworks.
Top Skills:
AccountsAgileAuthenticationCardsMobile BankingPaymentsSafeScrumSecurity
Fintech • Information Technology • Insurance • Financial Services • Big Data Analytics
Design, develop, and maintain Big Data solutions for Disability & Absence products. Collaborate with teams to improve existing solutions and create automation scripts.
Top Skills:
Ci/CdHbaseHiveKafkaNifiNoSQLPigPythonShell ScriptSolrSpark
Fintech • Information Technology • Insurance • Financial Services • Big Data Analytics
The Manager of Operations supports financial reporting, monthly close, and billing processes for MetLife's Investment Management business. Key tasks include bank reconciliations, expense reporting, maintaining financial records, and analyzing revenue and expenses.
Top Skills:
HfmExcelPeoplesoftRevport
What you need to know about the Delhi Tech Scene
Delhi, India's capital city, is a place where tradition and progress co-exist. While Old Delhi is known for its rich history and bustling markets, New Delhi is defined by its modern architecture. It's clear the region places a strong emphasis on preserving its cultural heritage while embracing technological advancements, particularly in artificial intelligence, which plays a central role in shaping the city's tech landscape, fueled by investments in research and development.
