Staff Software Engineer

KnowBe4 is the global leader in Human Risk Management, trusted by over 70,000 organizations worldwide to secure their employees and AI agents for over 15 years. We're pioneering a new era of security. AI-powered since 2016. And market-leading since day one. Our HRM+  combines continuous risk intelligence, advanced technical defenses, and personalized training to help organizations build strong security cultures. We help organizations understand, measure, and reduce human risk across their entire workforce, defending against, deepfakes, and emerging AI-powered threats. We believe that protecting organizations from cyberthreats and creating a positive environmental impact go hand in hand. True resilience is collective, it requires us to protect our people, our data, and our planet. Please submit your resume in English. To learn more about our team and office culture in São Paulo, Brazil, visit the following links.  Careers Page: https://www.knowbe4.com/careers/locations/sao-paulo Glassdoor: https://www.glassdoor.com/Location/KnowBe4-S%C3%A3o-Paulo-Location-EI_IE969384.0,7_IL.8,17_IC2479061.htm?__cf_chl_jschl_tk__=43e4b41af1fc3f19432cffa316a69e2c2be8c773-1620069984-0-AYMQe21TCsNd8oLf48xjPYxMn5ipmJ_r3dseaIGdDjvV3VMvp4yl0yG1tmrfkMoedhhN8IvEOOFeBbfJQjdmnWhZRDmzJEq-gW8-bzfeTicICRyqFRHeEzup_a5BgydX5zVm2U0mgcaqG8RaD5_erjNWW_xdDVZWZ27G4Ubgl-6Pn_CRe1hmOQjlqyDSJGArTBxvWDRaARtnnJ7fPf_pn0h2u9L_1uMLfJGbWPm862wcfh2wKOAoc6YlLUU2NvPoBFFD3u0pIjg1SO0JQdx-iR04mNxcFtLZiT44LGDps0AJfx3l2z_jybkEoz6eGzlt4qfYwqEDZwJ9Iy3H2Lr6gfAAjqrT53WAR1g2prBXg5L_lI0cEo1RFjw6WwL8LHucYJcyzK60YJkSt6vszgl4t0Xsdr7otXgac9qw9OQmrYRs-0otSD9_JCgs6whTRPXnSUKFKCXGX-veXpiD_MnFShQZv2RbpKo7nlU9FuPew9ZjpTOWlhhjSNSAs7OMl_0Arc5ipzM_-C1lsxoZq7Cx8IriVE8MkrzuTmnJzqego77RAWZz9sqGt_55BflwYKpQeg LinkedIn: https://www.linkedin.com/company/knowbe4/life/brazil/ Role Summary KnowBe4's Platform Services group builds the infrastructure that every product team depends on. At the Staff level, you're not just contributing to that foundation — you're shaping it. You'll work at the intersection of identity, platform reliability, and developer experience, solving problems that have direct impact on every engineer and every customer at KnowBe4. The identity and auth platform you'll help lead underpins session management, single sign-on, user provisioning, and cross-product authorization for the entire KnowBe4 product suite. The decisions made here ripple across every engineering team at KnowBe4 and the end-user sessions of a global customer base. We need engineers who can think at that scale, communicate across organizational boundaries, and write production-quality code — not just direct others to. This is a technical individual contributor role. You'll lead through your engineering, your judgment, and your ability to bring others along with you. What You'll Build Session and identity APIs in Rust deployed as AWS Lambda functions — high-throughput, low-latency services handling JWT validation, session lifecycle, and encrypted token management across multiple AWS regions Identity provider integrations — orchestration and configuration of Auth0 and Keycloak tenants, IDP sync services, and SSO/OIDC broker logic that spans legacy and modern auth systems User provisioning and lifecycle services — the USPS (User Provisioning Service) and UPMS (User Permission Management Service) layers that synchronize user state across products, CRM systems, and identity stores Cross-team platform SDKs — auth libraries in Rust, C#, and TypeScript consumed by multiple engineering teams; these are the APIs that teams depend on, so design quality and backward compatibility matter deeply Distributed event infrastructure — DFS (Distributed Feedback Service) subscribers, SQS-based event pipelines, and the message routing layer that coordinates state changes across bounded contexts Infrastructure-as-Code at scale — multi-account, multi-region Terraform that provisions and governs the identity and platform layer across development, staging, and production environments Technical direction — architecture reviews, RFC-style design proposals, mentorship of senior engineers, and cross-team coordination on platform-level changes Essential Responsibilities Develops software using the KnowBe4 Software Development Lifecycle and Agile Methodologies Assists other team members by providing technical direction Defines approaches and solutions to complex technical problems Makes significant contributions in new technology, sometimes resulting in patents, trade secrets, and/or professional publications and presentations Translates KnowBe4's strategic goals into operational plans Provides coordination across functional boundaries May act as team lead for larger sub-projects or entire, small projects Skills Requirements Strong backend engineering fundamentals in a typed, compiled language — Rust, C#, Go, Java, or equivalent; depth in one, curiosity about others AWS serverless architecture — Lambda (multi-runtime), DynamoDB, SQS, SSM, API Gateway, IAM; experience designing systems, not just using them Identity and auth concepts — OIDC, OAuth 2.0, JWT, SSO; you understand the flows, the attack surfaces, and the tradeoffs; deep implementation experience is a strong plus Distributed systems design — event-driven architecture, eventual consistency, message queues, idempotency, saga patterns Terraform at scale — multi-account, multi-region IaC; module design, state management, OIDC-based CI deploy patterns API design leadership — designing APIs consumed by multiple teams; versioning strategy, backward compatibility, contract testing GitLab CI/CD — pipeline design, shared components, multi-environment deployment patterns Technical communication — design docs, RFCs, architecture reviews; ability to synthesize complexity into clear proposals Preferred / Nice-to-Have Rust — production experience is a strong differentiator; familiarity with the async ecosystem (tokio, axum, reqwest, serde) particularly valued C# / .NET (8+) — Lambda AOT compilation, ASP.NET Core, Native AOT targeting linux-arm64 Auth0 — tenant administration, custom actions, SAML/OIDC/OAuth app configuration, Management API Keycloak — realm configuration, custom providers, integration with external IDPs TypeScript + Vue 3 — the platform layer includes frontend surfaces; full-stack comfort is valued even at the Staff level Python — event-processing services and tooling in this layer use Python Security engineering concepts — threat modeling, zero-trust principles, secrets management, credential rotation Education & Experience BS or equivalent plus 10 years of experience MS or equivalent plus 5 years of experience Ph.D. or equivalent plus 4 years of experience  Our Fantastic Benefits We offer company-wide bonuses based on monthly sales targets, employee referral bonuses, adoption assistance, tuition reimbursement, certification reimbursement, and certification completion bonuses - all in a modern, high-tech, and fun work environment. For more details about our benefits in each office location, please visit http://www.knowbe4.com/careers/benefits. Note: An applicant assessment and background check may be part of your hiring procedure. Individuals seeking employment at KnowBe4 are considered without prejudice to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation or any other characteristic protected under applicable federal, state, or local law. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please visit www.knowbe4.com/careers/request-accommodation. No recruitment agencies, please. Offices: São Paulo, Brazil (São Paulo, Brazil);