Strava is looking for an Engineering Manager of their Identity team to guide the technical direction of authentication and authorization systems that support iOS, Android, and web, while directly contributing code that ensures quality, velocity, and technical depth. This position sits at the intersection of security, platform experience, and user trust, aiming to build modern, reliable and secure identity foundations that improve login and signup flows, support abuse prevention, and power the next generation of Strava’s athlete experience.
Requirements
- You have experience building identity systems that serve a portfolio of applications, and you understand the nuances of token management, session continuity, and cross-app authentication.
- You have deep experience building and operating authentication, authorization, and account security systems at scale, using modern identity protocols and best practices.
- You’re skilled at designing secure, low-friction login, signup, and recovery flows that balance user convenience with robust protection against abuse.
- You have a track record of leading teams through complex identity challenges—from session management to MFA, passkeys, RBAC/ABAC models, and platform consistency.
- You think holistically about identity as a foundation for trust, safety, privacy, and growth, and you can translate this vision into clear technical strategy and execution.
Responsibilities
- Own the technical roadmap for Strava's identity platform, including sign-up (Apple and Google Sign-In, web authentication standards), login, password management, multi-factor authentication, and account recovery flows with a unified user experience and security and technical requirements
- Design and scale a unified identity foundation that supports Strava Group’s portfolio of apps while ensuring seamless cross-application authentication and secure token handling. Drive its evolution to adopt modern standards (OAuth 2.0, OIDC, WebAuthn, passkeys, biometrics).
- Architect, build, and maintain secure and scalable authorization and access control systems used by millions of athletes.
- Design and implement role-based and attribute-based access control systems that protect user privacy and support internal needs.
- Establish engineering best practices, high code quality standards, and operational excellence around identity services.
- Build consistency and feature parity across iOS, Android, and web identity experiences while respecting platform-specific patterns.
- Instrument, monitor, and improve authentication success rates, recovery completion, and overall account security.
Other
- We follow a flexible hybrid model that translates to more than half of your time on-site in our San Francisco office — three days per week.
- Collaborate closely with Product, Security, Trust & Safety, and Legal to ensure compliance, safety, and platform integrity.
- Influence the long-term technical strategy and product roadmap for identity at Strava Group, shaping the foundation for how athletes securely access their experience.
- Balance hands-on technical contribution with empathetic, clear, and consistent technical leadership.
- Create clarity and alignment across engineering, product, and cross-functional partners through excellent communication and influence.
