Senior Backend Engineer - Identity & Access Management

ABOUT OnXWe’re a team of builders, adventurers, and risk takers using technology to help people confidently explore the outdoors. Driven by our mission to awaken the adventurer inside everyone, we build products that optimize every outdoor experience and inspire confidence to get out and go further.We’re a high-growth tech company. The pace is fast, the work takes grit, and ambiguity is part of the job. As the world changes around us, we adapt - continuously evolving how we build, prioritize, and deliver.Our business moves quickly, and there’s real opportunity to shape what we build next. Each of our verticals - Hunt, Offroad, Backcountry, and Fish - is at a different stage of maturity, which means the challenges you encounter and the impact you have will vary depending on where you sit and what the business needs most.We operate with an experimentation mindset, continually iterating and improving how we solve problems. We expect our people to use the latest tooling, including AI, thoughtfully and responsibly, pairing human judgment with technology to increase quality, speed, and impact.Our impact comes to life through the products we build, in the stories of our customers, and in our growing commitment to land stewardship and recreational access.What You Will DoonX is seeking a Senior Backend Engineer with a passion for building scalable platform Identity and Access Management (IAM) systems. Your focus will be on designing, developing, and scaling secure authentication, authorization, and user management services that are foundational to our platform. You will play a key role in evolving our IAM platform and delivering seamless cross-platform authentication across iOS, Android, and web.You will be part of our Core Services team that enables product teams to build faster and more securely by providing core infrastructure, services, and patterns. This is a great opportunity to help shape the future of how users securely access and interact with onX's suite of outdoor technology products.This position reports to the Director of Engineering, Core Services.TECHNOLOGIES WE USEOur backend engineers primarily work in Go running in Kubernetes on Google Cloud Platform. The IAM team works extensively with identity platforms (Ory Kratos, Hydra, Oathkeeper), distributed databases (CockroachDB), and OAuth 2.0/session management patterns. Understanding mobile authentication tradeoffs (WebView vs. browser-based auth, token-based patterns) is particularly relevant for this role.As an onX Senior Backend Engineer, your day to day responsibilities would look like:(Essential Job Duties)Build scalable, secure IAM services that enable new features and products across the onX suite of appsDesign and implement backend systems focusing on observability, fault-tolerance, security, and high performanceDrive architectural decisions related to Identity and Access Management, ensuring alignment with and advancing our broader platform strategyDefine and implement SLIs/SLOs for IAM services; drive reliability engineering practices including incident response and performance optimizationWrite thorough unit, integration, and acceptance tests to ensure high service quality and maintainabilityDocument APIs, service architectures, and technical decisions for internal stakeholders and external partners as neededCollaborate closely with fellow engineers, product managers, and other stakeholders through design reviews, paired programming, and cross-functional planning sessionsLeverage and extend existing onX services and platform patterns to drive consistency and reduce duplicationProactively improve system monitoring, alerting, diagnostics, and operational readiness of IAM-related servicesParticipate in an on-call rotation to ensure backend services remain highly available and reliableMentor and share knowledge with engineers on your teamLead by example and embody onX's company values, fostering a culture of technical excellence, ownership, and collaborationLOCATIONonX has created a thriving distributed workforce community across several US locations. This position can be performed from an onX corporate office, “Basecamp,” or “Connection Hub". Corporate Offices: onX was founded in Montana with offices in Missoula and Bozeman. If you prefer to work in an office at least part of the time this is a great option.Basecamps: Basecamps are established virtual workforce communities where a sizable number of distributed team members group for work, volunteering, socializing, and adventure.Our current Basecamps are located within a 90-mile radius of the following: Austin, TX; Charlotte, NC; Denver, CO; Kalispell, MT; Minneapolis, MN; Portland, OR; Salt Lake City, UT; and Seattle, WA. Connection Hubs: Connection Hub locations are smaller, emerging communities of distributed team members.Our current Connection Hubs are located within a 60-mile radius of the following: Boise, ID; Charleston, SC; Dallas/Fort Worth, TX; Phoenix, AZ; Richmond, VA; Spokane, WA; and Vermont.What You’ll BringB.S., M.S., or equivalent experience in computer science or a related fieldEight or more years of professional software development experience, with API development as a primary focus for at least three of those yearsStrong Go/Golang backend development experience with RESTful API designExperience building and debugging distributed, scalable, highly available microservices architectureSolid understanding of identity systems: OAuth 2.0, session management, bearer token authentication, SSO integrationsExperience with distributed databases (CockroachDB or similar PostgreSQL-compatible distributed systems) and relational databases (PostgreSQL, MySQL)Excellence in designing and developing modern APIs and scalable systems that ensure reliability and extensibilityFamiliarity with Docker, Kubernetes, and infrastructure-as-code technologies such as TerraformStrong computer science foundationSecurity-first mindset -- you think about threat models, secure defaults, and defense in depth as part of your design processYou evaluate technologies and solutions based on merit, stability, performance, and the ability to debugAbility to write maintainable, well-tested code that's easy for others to understandA strong sense of ownership of your workAdvocacy for customers -- both internal colleagues and end users -- and their experiencePermanent US work authorization is a condition of employment with onXPreferred QualificationsThough not required, we would be thrilled to consider candidates with any of the following:Experience with identity platforms such as Ory Kratos, Auth0, Cognito, or similarExperience with the Ory Stack, especially Hydra, Kratos, and OathkeeperExperience with Authzed SpiceDB, Google Zanzibar, or AWS Cedar for fine-grained authorizationUnderstanding of mobile authentication patterns: WebView vs. browser auth tradeoffs, token-based flows across iOS/Android/webReliability engineering experience: SLI/SLO implementation, incident response, performance optimizationSOC2 compliance experience or familiarity with security audit frameworksExperience with Elixir or the Phoenix FrameworkFamiliarity with Google Cloud PlatformExperience working with a distributed teamCompensationonX is committed to compensating all employees fairly and equitably for their contributions. For this position, applicants can expect to make between $146,000 to $182,000 upon hire. The pay range will vary based on experience, skills, certifications, and education among other factors as required in the job description. In addition, full-time onX employees are eligible for a grant of common share options with a vesting schedule and a potential annual bonus of 10% based on company performance.What We Are Offering YouCompetitive salaries, annual bonuses, equity, and opportunities for growthComprehensive health benefits including a no-monthly-cost medical plan Parental leave plan of 5 or 13 weeks fully paid401k matching at 100% for the first 3% you save and 50% from 3-5%Company-wide outdoor adventures and amazing outdoor industry perksAnnual “Get Out, Get Active” funds to fuel your active lifestyle in and outside of the gymFlexible time away package that includes PTO, STO, VTO, quiet weeks, and floating holidaysPerformance EssentialsIn this role, success is driven by cognitive abilities such as concentration and problem-solving, essential for our computer-centric tasks. onX will explore reasonable accommodations to ensure that individuals with diverse abilities can fully engage in and contribute to the essential physical and mental functions of the job. If you need assistance or accommodation, please contact us at PS@onxmaps.com.Position open until filled. At onX, we believe that unique perspectives make us stronger. By bringing together people with different experiences, ideas, and viewpoints, we fuel innovation and move closer to our mission of awakening the adventurer in everyone. We are proud to be an equal opportunity employer and are committed to fairness not only in hiring, but also in development, compensation, and promotion. Our goal is to build an inclusive community where every team member can show up authentically and thrive. Together, we win as one team. Come join us!onX Maps will never ask for credit card or SSN details during the initial application process. For your digital safety, apply only through our legitimate website at onXmaps.com or directly via our LinkedIn page.onX does not sell any Personal Information, but we may transfer employment related records to our service providers or third parties that provide business services to onX or as required by law. For more information, see our Privacy Policy.As part of our interview process, your conversation may be recorded for documentation purposes to allow interviewers to focus fully on the discussion. Recordings are confidential and accessible only to authorized personnel. Please note, onX respects all applicable laws regarding recording consent, and you will have an opportunity to opt-out if preferred.