NetDocumentsRemote
Staff Software Engineer - Accounts
United States of America
Full Time
1 week ago
$170,000 - $190,000 USD
H1B Sponsor Likely
Key skills
C#/.NETMicroservices architectureEvent-driven architectureKafkaAuthentication systemsAuthorization systemsSQLNoSQLPostgreSQLDynamoDBAWSDatadogIdentity and Access Management (IAM)Relationship-Based Access Control (ReBAC)Role-Based Access Control (RBAC)Attribute-Based Access Control (ABAC)Policy-based access controlIdentity Provider (IdP) platformsSecurity risk managementThreat modelingVulnerability assessmentSecurity-by-designAudit loggingEnterprise compliance frameworksSOC 2GDPRHIPAAC#C.NETAzureIAMOktaLeadershipRisk ManagementMentoringProduct ManagementCommunication
About this role
NetDocuments is the world’s #1 trusted cloud-based content management and productivity platform that helps legal professionals do their best work. They are seeking a Staff Software Engineer to drive the architecture, design, and delivery of systems related to authentication, authorization, and access control for their global customer base, while also mentoring engineers and collaborating across teams.
Responsibilities:
- Set technical direction for the Accounts team, establishing patterns for secure, scalable, and observable systems running on AWS
- Lead architectural decisions across authentication and authorization domains
- Guide and influence cross-team initiatives from concept to completion, leading design and code reviews, and championing security and operational robustness
- Drive initiatives that improve reliability, performance, and scalability while actively managing cloud costs and operational efficiency
- Make sound architectural decisions by clearly articulating trade-offs and reasoning that holds up over time
- Build and maintain production-grade services using C#/.NET and microservices architecture on AWS
- Design and implement event-driven systems using Kafka and distributed streaming patterns
- Architect cloud-native solutions on AWS that balance reliability, maintainability, performance, and cost
- Design and build secure, scalable integrations across internal and external systems
- Translate complex functional and non-functional requirements into secure, reliable software solutions
- Take full ownership of initiatives from concept through production and ongoing operation
- Frame and clarify ambiguous problems, driving them forward with minimal guidance
- Proactively identify and address technical debt before it impacts the team or customers
- Resolve complex technical challenges across distributed, high-availability systems with sound judgment and clear reasoning
- Write high-quality, well-tested, maintainable code with a strong emphasis on long-term reliability
- Design resilient systems that maintain uptime and performance as we scale globally
- Implement robust observability through logging, metrics, tracing, and telemetry
- Monitor and optimize platform performance at scale, identifying bottlenecks and implementing solutions
- Create comprehensive technical documentation including architectural diagrams and design decisions
- Partner closely with Product Management and cross-functional engineering teams to define and deliver solutions
- Demonstrate technical leadership through mentorship, coaching, and raising the engineering bar via design reviews, best practices, and operational rigor
- Influence technical direction and build consensus across teams without relying on authority, bringing clarity to ambiguous problem spaces
- Champion security, operational robustness, and engineering quality across the team and beyond
- Contribute to hiring and team development
- Stay current with industry trends in identity, security, cloud-native architecture, and distributed systems
- Research and validate new ideas through proofs of concept aligned with product strategy
- Contribute improvements to engineering processes, tooling, and development practices
- Share knowledge through code reviews, design discussions, and documentation
Requirements:
- Bachelor's degree in Computer Science or a related field
- 7+ years of hands-on software engineering experience delivering production systems at scale
- Expert proficiency in C#/.NET
- Strong experience building microservices and operating in event-driven architecture
- Hands-on experience designing and building authentication and authorization systems
- Experience with distributed streaming platforms such as Kafka
- Deep database expertise across both SQL and NoSQL, including hands-on experience with PostgreSQL and DynamoDB
- Strong AWS public cloud experience; familiarity with Azure is a plus
- Expert proficiency with Datadog for observability, including dashboards, monitors, distributed tracing, and log management
- Familiarity with Identity and Access Management (IAM) concepts and patterns
- Proven ability to mentor engineers and lead technical initiatives across teams
- Excellent written and verbal communication skills, with a demonstrated ability to collaborate effectively across functions and influence outcomes without direct authority
- Proven track record of leading technical efforts that span multiple teams or system boundaries
- Deep experience with fine-grained access control models including Relationship-Based Access Control (ReBAC), RBAC, ABAC, and policy-based access
- Experience integrating with or building on Identity Provider (IdP) platforms such as Okta, Microsoft Entra, or IdentityServer
- Proven experience operating security-sensitive systems in regulated or enterprise environments, with a strong grasp of security risk management practices including threat modeling, vulnerability assessment, and security-by-design principles applied across identity infrastructure, credential management, and audit-logging systems
- Legal industry experience or familiarity with enterprise content management platforms, including an understanding of how legal professionals manage sensitive documents, matter-based workflows, and client confidentiality requirements
- Familiarity with enterprise compliance frameworks and data privacy regulations including SOC 2, GDPR, and HIPAA, with the ability to translate compliance requirements into concrete engineering decisions