Engineering Manager - Identity and Access
This is a remote opportunity and we would be interested in applicants based in Canada (excluding PST timezones) at this time.
Engineering Manager - Identity and Access
The Opportunity:
Every day, millions of users rely on Grafana to monitor the health and performance of critical systems, from software applications to industrial environments and spacecraft. The Identity and Access team builds Grafana’s sign-in and permission systems. Our goal is simple: make sign-in smooth for end users, and make access controls clear, secure, and predictable for administrators.
The IAM team is responsible for authentication and authorization across Grafana, working across both our open-source and proprietary codebases. Our scope spans SAML, LDAP, OAuth/OIDC, JWT, and role-based access control (RBAC). Some integrations go deep, down to protocol details (for example, reading the SAML spec).
The IAM team is redesigning Grafana’s edge authentication and multitenant storage for identity resources, which is a rare chance to work on modern identity infrastructure at scale. Our code runs in critical request paths, so design decisions directly affect performance, reliability, and security across Grafana Labs’ products.
The team is evenly distributed across EMEA and NASA.
What You’ll Be Doing:
Manage and grow a team of distributed engineers, conducting regular 1:1s and providing consistent feedback to support each person's performance and career development.
Partner with product management and engineering leadership to shape the IAM roadmap, balancing security requirements, platform needs, and customer impact.
Guide the team through the full project lifecycle: from early design and scoping through delivery and post-launch iteration, ensuring high-quality and timely outcomes.
Collaborate closely with cross-functional partners including security, platform, cloud infrastructure, and the broader Grafana engineering organization to drive initiatives that span team boundaries.
Foster a team culture grounded in security-first thinking, technical rigor, and a respectful environment where people can do their best work.
Contribute to technical discussions, helping the team make strong architectural decisions on authentication flows and multi-tenant design.
As we are remote-first and our engineering organization is entirely remote, we provide guidance and meet regularly using video calls, so an independent attitude, good communication skills, and transparency are a must.
We invest heavily in developer productivity. You can use modern AI coding assistants as part of your daily workflow (your choice of tools, within security guidelines), backed by a company-funded usage budget so you can iterate quickly without unnecessary friction. We encourage pragmatic AI-assisted development: faster prototyping, test generation, refactors, documentation, and incident follow-ups—always paired with strong code review and quality standards. You’ll also have access to frontier models (e.g., GPT-Codex 5/3, Claude Opus 4.6, Gemini 3 Pro).
What Makes You a Great Fit:
You take initiative, follow through, and can move work forward in a complex, security-sensitive problem space, even when not everything is fully defined.
Experienced in people management: conducting meaningful 1:1s, delivering candid feedback, supporting career growth, and navigating performance conversations.
You trust your reports to own execution. Your focus is setting direction, aligning on outcomes, and spotting risks early, not task-level oversight. You judge performance by impact and delivery, not process for its own sake.
Transparent and direct by default. You share organizational context with your reports and treat them as partners. You advocate clearly for your reports when they are not in the room.
You back your reports' decisions publicly, and escalate when needed to resolve cross-team conflicts. When priorities collide, you make the call or create a clear path to one; you do not leave your team to absorb the ambiguity alone.
Comfortable collaborating across time zones and cultures in a fully remote environment, using clear and empathetic communication to build trust and a supportive team environment.
Requirements:
A strong software engineering background, ideally including work in backend systems using Go, sufficient to engage credibly in technical design discussions and challenge engineers toward strong decisions.
Familiarity with authentication and authorization concepts: OAuth 2.0, SAML, RBAC, OIDC, JWT…. You do not need to be a security expert, but you should be comfortable reasoning about identity and access problems.
Solid understanding of distributed systems principles: scalability, fault tolerance, consistency, and observability.
Demonstrated ability to manage delivery across multiple concurrent projects, align stakeholders with competing priorities, and communicate risks and timelines clearly.
Deeply customer-focused, consistently grounding technical decisions in real-world user and admin impact.
Comfort with AI-assisted tooling. We expect you to be curious and comfortable using AI-powered tools, ideally with practical experience integrating them into a team's workflow.
Strong mentoring and leadership skills
Bonus Points For:
Experience working in security-critical environments
Experience contributing to or maintaining open source projects
Familiarity with observability tooling (e.g., Grafana, Prometheus, OpenTelemetry)
Compensation & Rewards:
In Canada, the compensation range for this role is CAD 186,368 - 223,642. Actual compensation may vary based on level, experience, and skillset as assessed throughout the interview process. All of our roles include Restricted Stock Units (RSUs), giving every team member ownership in Grafana Labs' success. We believe in shared outcomes—RSUs help us stay aligned and invested as we scale globally.
About the job
Apply for this position
Engineering Manager - Identity and Access
This is a remote opportunity and we would be interested in applicants based in Canada (excluding PST timezones) at this time.
Engineering Manager - Identity and Access
The Opportunity:
Every day, millions of users rely on Grafana to monitor the health and performance of critical systems, from software applications to industrial environments and spacecraft. The Identity and Access team builds Grafana’s sign-in and permission systems. Our goal is simple: make sign-in smooth for end users, and make access controls clear, secure, and predictable for administrators.
The IAM team is responsible for authentication and authorization across Grafana, working across both our open-source and proprietary codebases. Our scope spans SAML, LDAP, OAuth/OIDC, JWT, and role-based access control (RBAC). Some integrations go deep, down to protocol details (for example, reading the SAML spec).
The IAM team is redesigning Grafana’s edge authentication and multitenant storage for identity resources, which is a rare chance to work on modern identity infrastructure at scale. Our code runs in critical request paths, so design decisions directly affect performance, reliability, and security across Grafana Labs’ products.
The team is evenly distributed across EMEA and NASA.
What You’ll Be Doing:
Manage and grow a team of distributed engineers, conducting regular 1:1s and providing consistent feedback to support each person's performance and career development.
Partner with product management and engineering leadership to shape the IAM roadmap, balancing security requirements, platform needs, and customer impact.
Guide the team through the full project lifecycle: from early design and scoping through delivery and post-launch iteration, ensuring high-quality and timely outcomes.
Collaborate closely with cross-functional partners including security, platform, cloud infrastructure, and the broader Grafana engineering organization to drive initiatives that span team boundaries.
Foster a team culture grounded in security-first thinking, technical rigor, and a respectful environment where people can do their best work.
Contribute to technical discussions, helping the team make strong architectural decisions on authentication flows and multi-tenant design.
As we are remote-first and our engineering organization is entirely remote, we provide guidance and meet regularly using video calls, so an independent attitude, good communication skills, and transparency are a must.
We invest heavily in developer productivity. You can use modern AI coding assistants as part of your daily workflow (your choice of tools, within security guidelines), backed by a company-funded usage budget so you can iterate quickly without unnecessary friction. We encourage pragmatic AI-assisted development: faster prototyping, test generation, refactors, documentation, and incident follow-ups—always paired with strong code review and quality standards. You’ll also have access to frontier models (e.g., GPT-Codex 5/3, Claude Opus 4.6, Gemini 3 Pro).
What Makes You a Great Fit:
You take initiative, follow through, and can move work forward in a complex, security-sensitive problem space, even when not everything is fully defined.
Experienced in people management: conducting meaningful 1:1s, delivering candid feedback, supporting career growth, and navigating performance conversations.
You trust your reports to own execution. Your focus is setting direction, aligning on outcomes, and spotting risks early, not task-level oversight. You judge performance by impact and delivery, not process for its own sake.
Transparent and direct by default. You share organizational context with your reports and treat them as partners. You advocate clearly for your reports when they are not in the room.
You back your reports' decisions publicly, and escalate when needed to resolve cross-team conflicts. When priorities collide, you make the call or create a clear path to one; you do not leave your team to absorb the ambiguity alone.
Comfortable collaborating across time zones and cultures in a fully remote environment, using clear and empathetic communication to build trust and a supportive team environment.
Requirements:
A strong software engineering background, ideally including work in backend systems using Go, sufficient to engage credibly in technical design discussions and challenge engineers toward strong decisions.
Familiarity with authentication and authorization concepts: OAuth 2.0, SAML, RBAC, OIDC, JWT…. You do not need to be a security expert, but you should be comfortable reasoning about identity and access problems.
Solid understanding of distributed systems principles: scalability, fault tolerance, consistency, and observability.
Demonstrated ability to manage delivery across multiple concurrent projects, align stakeholders with competing priorities, and communicate risks and timelines clearly.
Deeply customer-focused, consistently grounding technical decisions in real-world user and admin impact.
Comfort with AI-assisted tooling. We expect you to be curious and comfortable using AI-powered tools, ideally with practical experience integrating them into a team's workflow.
Strong mentoring and leadership skills
Bonus Points For:
Experience working in security-critical environments
Experience contributing to or maintaining open source projects
Familiarity with observability tooling (e.g., Grafana, Prometheus, OpenTelemetry)
Compensation & Rewards:
In Canada, the compensation range for this role is CAD 186,368 - 223,642. Actual compensation may vary based on level, experience, and skillset as assessed throughout the interview process. All of our roles include Restricted Stock Units (RSUs), giving every team member ownership in Grafana Labs' success. We believe in shared outcomes—RSUs help us stay aligned and invested as we scale globally.