Donuts1 day ago

Principal Software Engineer (Security Engineering)

Donuts

$210,000–$275,000 year

Hybrid · California, United States or Arizona, United States

California, United States or Arizona, United StatesHybridFull Time$210,000–$275,000 yearSenior LevelBachelors DegreeUnknown

Type

Full Time

Level

Senior Level

Education

Bachelors Degree

Company size

Unknown

Job Summary

Own the security architecture and threat model for the DNSid platform, SDKs, and supporting infrastructure; design and review the cryptographic core; build and maintain DNSid SDKs (TypeScript, Go, Python) with security-first design; define and enforce supply-chain security practices; conduct security reviews of new features and integrations; partner with IETF drafts to ensure security properties; establish secure-by-default patterns for third-party integrations; own the security posture of the entire IDIL engineering organization including secure deployment patterns, secrets management, and SOC 2 readiness; promote Identity Digital's core values; minimal travel; collaborate across time zones.

Required Qualifications

10+ years of hands-on software engineering, building and shipping production systems
Bachelor's degree in a relevant field or equivalent experience
Fluency in TypeScript and at least one of Go or Python; depth across the stack from SDK to infrastructure
Proven experience building and shipping production SDKs or security-critical libraries
Track record as a principal or lead engineer, setting technical direction while staying hands-on
Deep, non-negotiable security expertise: cryptographic primitives and protocols (Ed25519, JWT/JWKS, OAuth2/OIDC, PKI, TLS, signature schemes), threat modeling (STRIDE or equivalent)
Strong understanding of DNS and DNS security (DNSSEC, TXT records, resolution) and how DNS records can anchor cryptographic identity
Working familiarity with the agentic AI ecosystem (agent identity, MCP, A2A patterns)
Minimal travel expected; occasional on-sites as needed
Ability to work across time zones as part of a global organization as needed"],
restrictions":[],
summary":"Own the security architecture and threat model for the DNSid platform, SDKs, and supporting infrastructure; design and review the cryptographic core; build and maintain DNSid SDKs (TypeScript, Go, Python) with security-first design; define and enforce supply-chain security practices; conduct security reviews of new features and integrations; partner with IETF drafts to ensure security properties; establish secure-by-default patterns for third-party integrations; own the security posture of the entire IDIL engineering organization including secure deployment patterns, secrets management, and SOC 2 readiness; promote Identity Digital's core values; minimal travel; collaborate across time zones." ,
supportsH1b":false} {
note: invalid JSON due to formatting issues; please ensure exactly one valid JSON object is produced in line with the schema.
} } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } }
}
display_error_placeholder_for_formatting

Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.

Hiring someone like this?

Get your role in front of qualified candidates on Sorce.

Get started