Engineering Manager - Identity and Access Management Platform

ABOUT BESTOW

Life insurance is one of the world's most important products. It's also one of the hardest to build, distribute, and modernize. Bestow exists to change that.

Bestow is a leading vertical technology platform serving some of the largest and most innovative life insurers. Our platform unifies the fragmented, legacy value chain, enabling carriers to launch products in weeks instead of years. Carriers choose us to scale and operate at unprecedented speed, powered by AI and automation.

Bestow isn't selling policies. We're building the infrastructure that helps an entire industry move faster, reach more people, and deliver on its promise.

Backed by leading investors (Goldman Sachs, Hedosophia, NEA, Valar, 8VC) and trusted by major carriers, Bestow is powered by a team that moves with precision, purpose, and heart. If you want to help reimagine a centuries-old industry with lasting impact, join us.

Bestow offers flexible remote/hybrid work, meaningful benefits, equity, and substantial growth opportunities.

Bestow participates in the E-Verify Program.

ABOUT THE TEAM

The Engineering team is responsible for all technology for Bestow and the Bestow Platform. We serve employees, consumers, and enterprise customers. In addition to building software, we integrate and manage many third-party products used by employees and as part of the platform. Our major functional teams are product engineering, infrastructure, IT, data & analytics, and program management. Engineering works closely with product management and design to define and prioritize the product roadmap.

As an Engineering Manager for the IAM Team, you will lead a team of Backend Software Engineers. You will partner with Product Managers, Underwriters, Design, and our external partners to develop and support solutions to power our digital life insurance enrollment experience. You will also collaborate with teams across Bestow to plan and execute the product roadmap. Our system runs on Kubernetes in Google Cloud Platform and is composed of several microservices written in Go that integrate using gRPC, REST, and async messaging patterns. You will share responsibility for operating our workloads on these platforms.

A key focus for this role will be leading the IAM Platform Scalability initiative—establishing a scalable identity and access management foundation that enables rapid customer onboarding without engineering intervention while supporting enterprise-grade security and compliance requirements.

This role is open to remote candidates. #LI-Remote

WHAT YOU’LL DO

This is a player/coach role with direct reports, spending approximately 20% of your time contributing production-level code.

Technical Leadership

• Remain hands-on in the code and actively participate in system design and architecture decisions

• Regularly review pull requests, providing thoughtful feedback that elevates code quality

• Partner with engineers on complex technical challenges, offering guidance without micromanaging

• Drive large initiatives from conception through delivery

IAM & Authentication Architecture

• Lead Auth0 optimization efforts including migration from Authorization Extension to Authorization Core, implementing proper Organizations structure for multi-tenancy, and establishing connection pooling strategies

• Architect authentication/authorization separation to enable independent scaling, caching, and policy management across enterprise partnerships

• Design token management strategies including hierarchical token structures, configurable token policies, and intelligent refresh patterns to optimize Auth0 costs

• Implement SCIM integration for automated user provisioning without manual intervention

• Support partner-specific requirements including biometric re-authentication, extended refresh tokens, multi-policy token inheritance, and regulatory-driven audit requirements

Team Development

• Orchestrate effective engineering ceremonies that promote collaboration and continuous improvement

• Create personalized growth plans for each team member, identifying strengths and development areas

• Provide regular, constructive feedback and create opportunities for engineers to expand their skills

Strategic Vision

• Balance technical excellence with business objectives

• Demonstrate sound judgment when making technical trade-offs

• Communicate complex technical concepts clearly to both technical and non-technical stakeholders

The ideal candidate embraces being both a technical contributor and a people leader, finding fulfillment in writing code while helping others grow into their full potential.

WHO YOU ARE

An Engineering Manager at Bestow is a highly technical leader who thrives at the intersection of people and technology. You combine deep technical expertise with exceptional leadership skills to drive engineering excellence while developing talent.

Core Requirements

• Bachelor's Degree or equivalent experience required

• 8+ years professional experience in the software industry, with at least 1 year of management experience while keeping your coding skills strong

• Professional experience with Go preferred

• Comfortable using Docker for local software development

• Familiar with modern, scalable system architectures (load balancing, horizontal scaling, etc.)

• Experience with PostgreSQL or other relational databases (comfortable writing ANSI SQL)

• Familiar with API design tools/languages (Protocol Buffers, Swagger, OpenAPI, etc.)

• Cloud computing & Kubernetes (or similar container orchestration) preferred

IAM & Authentication Experience (Highly Desired)

• Identity Provider Expertise: Hands-on experience with Auth0, Okta, or similar identity platforms including tenant/organization configuration, connection management, and Rules/Actions

• OAuth 2.0 / OIDC: Deep understanding of OAuth 2.0 flows, OpenID Connect, token types (access, refresh, ID tokens), and JWT structure/validation

• Multi-Tenant Architecture: Experience designing authentication systems that support multiple organizations with tenant isolation, partner-specific branding, and SSO configurations

• Authorization Patterns: Familiarity with RBAC, ABAC, and policy-based access control; experience separating authentication from authorization concerns

• Token Management: Understanding of token lifecycle management including caching strategies, rotation policies, revocation mechanisms, and optimization for scale

• SCIM/Provisioning: Experience with SCIM protocol for automated user provisioning and de-provisioning workflows

• Enterprise SSO: Experience integrating SAML 2.0 and OIDC-based SSO connections for B2B partnerships

• Security & Compliance: Understanding of authentication security best practices, audit logging requirements, and regulatory compliance (HIPAA, state insurance regulations)

Software Development Lifecycle

• Deep understanding of the entire software development lifecycle, including feature inception, system maintenance, continuous integration and release strategies, and GenAI developer tooling

• Ability to track key metrics and consistently meet established Service Level Agreements (SLAs)

• Ability to understand complex technical problems and identify areas of risk

• Ability to go deep technically when necessary—you should be able to contribute changes to the team's codebases at any time

Leadership & Soft Skills

• Highly organized and detail-oriented

• Proven track record of building and retaining high-performing teams

• Strong problem-solving abilities

• Excellent communication and collaborative attitude

• End-to-end ownership mentality

TOTAL REWARDS

At Bestow, we’re proud to be awarded for our team members, innovative products, and culture. Our standard benefits include:

• Competitive salary and equity based on role

• Policies and managers that support work/life balance, like our flexible paid time off and parental leave programs

• 100% paid-premium option for medical, dental, and vision insurance

• Lifestyle stipend to support your physical, emotional, and financial wellbeing

• Flexible work-from-home policy and open to remote

• Remote and WFH options, as well as a beautiful, state-of-the-art office in Dallas’ Deep Ellum, for those who prefer an office setting

• Employee-led diversity, equity, and inclusion initiatives

Recent Employer Awards include:

• Best Place for Working Parents 2023 + 2024 + 2025

• Great Place to Work Certified, 2022 + 2023 + 2024 + 2025

• Built In Best Places to Work, 2022 + 2023 + 2025

• Fortune’s Best Workplaces in Texas 2022 + 2023

• Fortune’s Best Workplaces in Financial Services and Insurance 2022 + 2023 + 2024

We value diversity at Bestow. The company will hire, recruit, and promote regardless of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, pregnancy or maternity, veteran status, or any other status protected by applicable law. We understand the importance of creating a safe and comfortable work environment and encourage individualism and authenticity in every team member.

Thanks for considering a job at Bestow!