IAM Engineer

Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing.
We're a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.
Rather than build on top of broken legacy systems, we took a different approach: we built and operate our own mortgage servicing business managing $110+ billion in loans. This wasn't the end goal, it was how we deeply understood the complexity needed to build software that actually works in regulated industries.
The results speak for themselves. We've transformed mortgage servicing from a 0% margin business into 60%+ margins while dramatically improving customer experience. Major enterprise contracts are now deploying across the industry.
ValonOS is our unified platform that makes every process structured and programmable and it is perfectly positioned for the AI era. When everything flows through one system with rich data, AI agents don't just automate tasks, they continuously improve entire operations. Mortgage servicing is just the beginning of our vision to transform regulated industries and beyond.

We’re looking for a Senior or Staff Engineer to build and own the authentication and user management systems that will power the next phase of our platform. This is a foundational, multi-year initiative—critical to unlocking our ability to support enterprise SaaS clients with scale, compliance, and resilience.

This role is more than just security engineering: it’s about building identity as a product—from security tenancy controls to end user role management to developer-facing APIs and enterprise SSO. You’ll be the technical owner of our identity stack and work closely with product, security, and platform teams to design infrastructure that’s reliable, auditable, and intuitive for both end users and developers.

You’ll think in systems and tradeoffs, design for fault tolerance and auditability, and bring a product mindset to everything from login flows to permissioning APIs. Some example problems on the roadmap:

• Architect a multi-tenant identity platform supporting fine-grained roles and access control.

• Design and implement SSO integration and federation features for enterprise clients.

• Build self-serve user and permission management APIs with strong guarantees.

• Ensure auditability and compliance with zero-downtime authentication systems.
  

This is a high-impact role for someone who thrives on complexity and is excited to build critical systems that may be invisible when working—but foundational when scaling.

• Design and build core identity systems: authentication, authorization, user provisioning, and access control.

• Partner with product to define and implement user management features.

• Collaborate with security and compliance teams to meet enterprise client requirements.

• Develop scalable, auditable, and fault-tolerant infrastructure for regulated environments.

• Own technical strategy and execution for identity and authentication—balancing long-term vision with near-term needs.

• Establish and evolve IAM as a durable, user-facing capability, not just backend infrastructure.

• Advocate for best practices in security, performance, and developer experience across the identity surface.
  

• 5+ years of software engineering experience with a strong focus on identity, authentication, or access management systems.

• Proven experience designing and scaling systems like SSO, OAuth2, SAML, RBAC/ABAC, or multi-tenant IAM platforms.

• Strong systems design skills with an understanding of how to build secure, compliant, and resilient infrastructure.

• Experience working in or building for regulated environments (e.g., finance, healthcare, government).

• A product mindset—you care about APIs, UX, and making complex systems usable and intuitive.

• Experience working in SaaS environments, particularly those with multi-tenant architectures.

• Bonus: prior work in high-scale or compliance-heavy companies

• Bonus: demonstrated technical leadership or mentoring experience, even in informal roles.

Throughout the interview process, please remember that emails will only be from valon.com email addresses. We will never ask for any personally identifiable information during the interview process itself. Please reach out to [email protected] if you have any requests to verify the authenticity of an outreach.

Valon is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. Valon makes hiring decisions based solely on qualifications, merit, and business needs at the time.