Position Summary...
We are seeking a Staff Engineer to lead the architecture and engineering of Walmart’s enterprise Single Sign-On (SSO) platform within Identity and Access Management (IAM). This role will drive the design of scalable, cloud-native authentication systems leveraging OAuth2, OIDC, SAML, and modern Zero Trust principles. The ideal candidate will combine deep distributed systems expertise with strong identity domain knowledge and help advance our next-generation AI-enabled authentication platform using adaptive and agentic security capabilities. This is a high-impact technical leadership role influencing identity strategy at enterprise scale.
What you'll do...
About the team
The Information Security team has the critical responsibility of ensuring that customers and associates can securely and seamlessly access Walmart systems. Within this organization, the Identity and Access Management (IAM) team builds and operates the authentication, authorization, and federation platforms that power secure access across enterprise and customer-facing applications.
The Single Sign-On (SSO) Engineering team is responsible for designing, building, and operating highly scalable identity platforms that provide secure, resilient, and intelligent authentication experiences across web, mobile, APIs, workforce, and partner ecosystems.
As identity threats evolve, we are increasingly leveraging Agentic AI and intelligent automation to enhance authentication decisions, detect anomalous access patterns, and dynamically enforce policies in real time.
We are looking for a Staff Engineer who is passionate about building secure, high-availability authentication systems at enterprise scale — and who can help shape the next generation of AI-enabled identity platforms.
**What You’ll Do **
Lead the secure design and development of scalable SSO and federation platforms, partnering closely with IAM, application, platform, and security engineering teams.
Architect and implement authentication and identity solutions using standards such as OAuth 2.0, OpenID Connect (OIDC), SAML 2.0, SCIM, and LDAP/AD.
"Design and build high-performance authentication services using Java, Go, Python, and modern frontend technologies, integrating with REST APIs and identity stores.
Develop and enhance identity lifecycle flows including login, MFA, adaptive authentication, token issuance/validation, session management, and secure logout.
Drive modernization initiatives such as Zero Trust authentication, password less authentication (FIDO2/WebAuth), and device trust integration.
Design and implement AI-driven adaptive authentication mechanisms that leverage behavioral signals, contextual risk scoring, and anomaly detection.
Partner with data science and security teams to build Agentic AI capabilities that:
- Dynamically adjust access policies based on risk posture
- Detect credential abuse or session hijacking in real time
- Recommend or autonomously enforce remediation actions (step-up MFA, token revocation, session termination)
- Continuously learn from telemetry and endpoint signals
Architect secure telemetry pipelines to support AI-based identity intelligence while maintaining privacy and compliance.
Own the end-to-end lifecycle of SSO services including deployment, reliability, monitoring, observability, and operational excellence.
Establish best practices around secure token handling, key management, certificate rotation, signing/encryption strategies, and secure communications.
Mentor engineers and influence architecture decisions to ensure secure-by-design identity implementations across teams.
**What You’ll bring **
10+ years of experience designing, building, and operating highly scalable, distributed authentication or identity platforms.
Deep hands-on expertise in Java, Go, or Python, with strong backend system design fundamentals.
Proven experience implementing and scaling SSO and federation technologies, including:
OAuth 2.0
OpenID Connect (OIDC)
SAML 2.0
SCIM
LDAP / Active Directory
Strong understanding of authentication flows (Authorization Code + PKCE, Client Credentials, Device Code, Token Exchange).
Experience implementing and securing:
- JWT and opaque tokens
- Token introspection and revocation
- Secure session management
Hands-on experience with MFA, adaptive authentication, risk-based authentication, and password less authentication (FIDO2/WebAuth).
Experience working with Identity Providers (e.g., Azure AD, Okta, Ping, custom IdPs).
Strong understanding of identity threat detection and response, including session risk**, credential abuse detection, and policy enforcement.**
Exposure to AI/ML-driven security systems, such as:
- Behavioral analytics
- Risk scoring models
- Anomaly detection systems
- Automated response orchestration
Interest or experience in building Agentic AI systems capable of:
- Autonomous policy evaluation and enforcement
- Security signal aggregation and contextual reasoning
- Continuous feedback loops for improving authentication decisions
Strong knowledge of cryptography fundamentals, PKI, key lifecycle management, and secure token signing (RSA/ECDSA).
Experience building cloud-native identity systems in Azure or GCP, using Docker and Kubernetes.
Strong Linux fundamentals and troubleshooting skills.
Proven ability to influence cross-functional teams and drive enterprise-wide IAM standards.
Excellent communication skills, with the ability to translate complex authentication, AI, and risk concepts into clear business and engineering guidance.
Security certifications such as CISSP, CSSLP, GIAC, or Cloud Security certifications are a plus.
About Walmart Global Tech Imagine working in an environment where one line of code can make life easier for hundreds of millions of people. That’s what we do at Walmart Global Tech. We’re a team of software engineers, data scientists, cybersecurity expert's and service professionals within the world’s leading retailer who make an epic impact and are at the forefront of the next retail disruption. People are why we innovate, and people power our innovations. We are people-led and tech-empowered.
We train our team in the skillsets of the future and bring in experts like you to help us grow. We have roles for those chasing their first opportunity as well as those looking for the opportunity that will define their career. Here, you can kickstart a great career in tech, gain new skills and experience for virtually every industry, or leverage your expertise to innovate at scale, impact millions and reimagine the future of retail.
Work
Walmart’s culture sets us apart, and we know being together helps us innovate, learn and grow great careers. This role is based in our Bangalore office for daily work, with the flexibility for associates to manage their personal lives.
Benefits
Beyond our great compensation package, you can receive incentive awards for your performance. Other great perks include a host of best-in-class benefits maternity and parental leave, PTO, health benefits, and much more.
Belonging
We aim to create a culture where every associate feels valued for who they are, rooted in respect for the individual. Our goal is to foster a sense of belonging, to create opportunities for all our associates, customers and suppliers, and to be a Walmart for everyone.
At Walmart, our vision is "everyone included." By fostering a workplace culture where everyone is—and feels—included, everyone wins. Our associates and customers reflect the makeup of all 19 countries where we operate. By making Walmart a welcoming place where all people feel like they belong, we’re able to engage associates, strengthen our business, improve our ability to serve customers, and support the communities where we operate.
Equal Opportunity Employer
Walmart, Inc., is an Equal Opportunities Employer – By Choice. We believe we are best equipped to help our associates, customers and the communities we serve live better when we really know them. That means understanding, respecting and valuing unique styles, experiences, identities, ideas and opinions – while being inclusive of all people.
Minimum Qualifications...
__Outlined below are the required minimum qualifications for this position. If none are listed, there are no minimum qualifications. __
Option 1: Bachelor's degree in computer science, information technology, engineering, information systems, cybersecurity, or related area and 4 years’ experience in software engineering or related area at a technology, retail, or data-driven company. Option 2: 6 years’ experience in software engineering or related area at a technology, retail, or data-driven company.
Preferred Qualifications...
__Outlined below are the optional preferred qualifications for this position. If none are listed, there are no preferred qualifications. __
Certification in Security+, GISF, GSEC, CISSP, or CCSP., Master’s degree in computer science, information technology, engineering, information systems, cybersecurity, or related area and 2 years’ experience leading information security or cybersecurity projects.
Primary Location...
Building 10 (sez), Cessna Business Park, Kadubeesanahalli Village, Varthur Hobli , India