Principal Software Engineer, Privileged Access Management

Principal Engineer — PAM Platform

Saviynt’s Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. We bring together Identity Governance (IGA), granular application access, cloud security, and Privileged Access Management (PAM) to secure the entire business ecosystem with a frictionless user experience. The world’s largest brands — including federal agencies and Fortune 500 financial institutions — trust Saviynt to accelerate digital transformation, empower distributed workforces, and meet continuous compliance.

This role is on the PAM Platform team, building the next generation of PAM infrastructure that runs across multi-tenant SaaS, customer-managed deployments, and federal GovCloud environments. We are a distributed, AI-first R&D organization, and we are actively rolling out an AI-Driven Development Lifecycle (AiDLC) as our SDLC of record.

WHAT YOU WILL BE DOING

Drive technical strategy and architecture across PAM platform components, including federal-compliant deployment topologies

Partner with Product and Engineering Management on requirements analysis, roadmap planning, and technical decision-making

Lead end-to-end design and delivery of new services from greenfield through production hardening

Operate within and help shape our AiDLC workflow: living specs, AI-generated implementations, property-based and integration testing as blocking gates, and audit-tracked human approvals

Author and maintain the engineering contracts (CLAUDE.md, prompt libraries, agent skills, code standards) that govern how AI-driven development happens on the platform

Conduct deep code reviews on critical and security-sensitive changes — including AI-generated code

Mentor senior, staff, and associate principal engineers; raise the technical bar across the team

Debug, optimize, and refactor existing services as we evolve toward multi-tenant, multi-cloud, federal-

ready

Serve as a technical expert for internal teams and, when needed, customer-facing escalations

WHAT YOU BRING

Experience

10+ years of software engineering experience with demonstrated ownership of complex system design, implementation, and technical decision-making
Track record of taking systems from design through production at scale, including multi-tenant SaaS
Security & Compliance
Hands-on experience building security-focused systems — Privileged Access Management, Identity Governance, Authentication, Secrets Management, or adjacent domains
Required knowledge of FedRAMP, FIPS 140-3, and GovCloud (AWS GovCloud or Azure Government) — what they constrain, why, and how to design within them
Working knowledge of modern cryptography in practice: TLS/mTLS, KMS-backed key hierarchies, envelope encryption, HSM/key vault integration
Languages & Programming
Go strongly preferred as the platform’s primary language; deep proficiency in at least one systems/services language (Go, Rust, C++, Java, or similar) is required
Polyglot capability — you can read, reason about, and contribute across multiple languages, and you can defend language-choice decisions on technical merit
Frontend literacy in TypeScript/React is a plus
Architecture & Infrastructure
Solid hands-on Kubernetes experience — EKS or equivalent, Helm, manifests, operators, day-2 operations. Not “I used kubectl apply once.”
Cloud platform proficiency on AWS or Azure; multi-cloud experience is a plus
Microservices and API design: REST, gRPC/Protobuf, and the trade-offs between them
Experience with event-driven architectures (message buses, async workflows) — you know when to reach for them and when not to
Workflow orchestration experience (Temporal or similar) is a plus
Relational database design at scale — PostgreSQL preferred; schema-per-tenant or comparable isolation patterns a plus

Engineering Practice

• Strong testing discipline: unit, integration, end-to-end, and property-based testing
• Infrastructure as Code: Terraform, Helm; GitOps (ArgoCD) a plus
• CI/CD pipeline design and ownership — GitLab, GitHub Actions, Jenkins, CloudBees, or equivalent
• Observability: OpenTelemetry, structured logging, metrics, tracing
• Containerization: Docker multi-stage builds, distroless/minimal runtimes

AI-Driven Development

Active, deliberate use of AI coding tools (Claude Code, Cursor, Copilot, or comparable) as part of your daily workflow — beyond autocomplete
Comfort working in a spec-driven, agent-assisted development model with mandatory verification gates; AiDLC will be our SDLC, and we expect candidates to embrace and help refine it
Critical-review instincts: you don’t ship AI-generated code without reading it, testing it, and understanding it

Leadership

Demonstrated experience mentoring engineers and leading technical initiatives across distributed teams
Strong written and verbal communication — you can write a clear design doc, a clear PR description, and a clear engineering contract for an AI agent
Comfortable operating in a globally distributed organization (US + India)

Qualifications

• Bachelor’s or Master’s degree in Computer Science, a related technical discipline, or equivalent professional experience
• Excellent facilitation and consensus-building skills across engineering, product, and security stakeholders
• Demonstrated initiative and ability to prioritize independently in a fast-moving environment