Principal Software Engineer (Full Stack, Backend-Focused)

Arcadia is dedicated to happier, healthier days for all. We believe that there is a better healthcare world – one powered by data. Our platform transforms complex, diverse data into a unified foundation for health, helping organizations deliver better care, boost revenue, and lower costs. We’re a team of fiercely driven individuals committed to making healthcare more sustainable—and we’re looking for passionate people to help us get there.For more information, visit arcadia.io.Why This Role Is Important to ArcadiaArcadia’s mission is to improve healthcare outcomes through better data and smarter technology. A critical pillar of this mission is the User Management system, which governs authentication, authorization, and user provisioning across all Arcadia’s applications.We’re looking for a Principal Software Engineer to take technical ownership of this area—leading the rearchitecture and implementation of a robust, scalable, and secure access control framework. By the time you join, the team will have completed key architectural planning decisions; your focus will be on translating that architecture into reality.This is a backend-leaning full stack role (approximately 60/40) requiring deep distributed systems expertise and an ability to balance implementation detail with architectural vision.What Success Looks LikeIn 3 months- Ramp up on the existing User Management system, including authentication (Auth0, SAML 2.0), authorization models, and event-driven user provisioning workflows- Complete design handoff for the new access and grants architecture, collaborating closely with product and platform teams to understand business and security requirements- Begin staged implementation of the new system, focusing on core backend services and foundational APIsIn 6 months- Lead the implementation of a database-backed access control framework that replaces legacy patterns and improves performance, consistency, and scalability- Drive integration of new user and access models into key Arcadia applications, ensuring minimal disruption for internal and external users- Collaborate with SRE and infrastructure teams to strengthen IaC, deployment automation, and observability for User Management servicesIn 12 months- Own and operate a fully modernized User Management system that delivers secure, reliable, and high-performance authentication and authorization at scale- Introduce a centralized JWT validation and API gateway strategy to unify access control across services and reduce duplication of logic- Establish technical and operational excellence practices—measurable improvements in reliability, latency, and operational efficiency- Mentor engineers and guide teams across Arcadia in secure, distributed, and scalable system designWhat You'll Be DoingLeading the rearchitecture and implementation of the User Management platform—the foundation for authentication, authorization, and access control across Arcadia productsBuilding backend services and APIs (NestJS, TypeScript, PostgreSQL) supporting secure, multi-tenant access modelsDesigning distributed, event-driven systems to synchronize user data and access events across Arcadia applicationsDriving modernization of existing authentication and provisioning flows (Auth0, SAML 2.0, OAuth2, JWT)Managing cloud infrastructure through Infrastructure-as-Code (Terraform) and AWS-native services (ECS, S3, SNS, Aurora)Defining SLOs and designing telemetry for key features, ensuring robust monitoring, canary, and standard rollout strategiesPartnering with cross-functional stakeholders—including Product, Security, and SRE—to ensure alignment between technical execution and organizational prioritiesProviding leadership, mentorship, and clarity in complex, ambiguous problem spacesJoining the engineering on-call rotation, contributing to the reliability and operational excellence of the User Management platform and related servicesEnsuring that documentation, operational runbooks, and best practices are well maintained and available for peers and downstream teamsWhat You'll Bring10+ years of professional full-stack software engineering experience with a focus on backend and distributed systemsProven success building and scaling identity and access management systems, including authentication (SAML 2.0, OAuth2, JWT) and fine-grained authorization frameworksExpertise in TypeScript, Node.js/NestJS, and modern React/Angular development for full stack deliveryStrong command of cloud architecture (AWS preferred) and IaC practices with TerraformDeep experience with relational and NoSQL data stores, designing for vertical & horizontal scalability and high availabilityDemonstrated ability to own complex systems from design through rollout and post-release operation, with strong attention to quality and reliabilityExcellent collaboration skills and the ability to work across engineering, product, and SRE teams to deliver cohesive, secure systemsStrong communication and architectural reasoning skills—a