Principal Software Engineer - Authorization Platform

At PointClickCare our mission is simple: to help providers deliver exceptional care. And that starts with our people. As a leading health tech company that’s founder-led and privately held, we empower our employees to push boundaries, innovate, and shape the future of healthcare.
With the largest long-term and post-acute care dataset and a Marketplace of 400+ integrated partners, our platform serves over 30,000 provider organizations, making a real difference in millions of lives. We also reinvest a significant percentage of our revenue back into research and development, ensuring our employees have the resources to innovate and make a lasting impact. Recognized by Forbes as a top private cloud company and honored as one of Canada’s Most Admired Corporate Cultures, we offer flexibility, growth opportunities, and meaningful work. 
At PointClickCare, we empower our people to be the architects of a smarter healthcare future; one that is human-first and accelerated by AI to create meaningful and lasting change. Employees harness AI as a catalyst for creativity, productivity, and thoughtful decision-making. By integrating AI tools into our daily workflows, collaboration is enhanced, outcomes are improved, and every team member has the proficiency to maximize their impact. It all starts with our hiring practices where we uncover AI expertise that complements our mission, and we continue to invest in training and development to nurture innovation throughout the employee journey.
Join us in redefining healthcare — so it doesn’t just survive, it thrives. To learn more about PointClickCare, check out Life at PointClickCare and connect with us on Glassdoor and LinkedIn.

**Travel to Office expectations**For Remote Roles: If this role is remote, there will be in-office events that will require travel to and from the Mississauga and/or Salt Lake City office. These will include, but not limited to, onboarding, team events, semi-annual and annual team meetings.
For Hybrid Roles: If this role is Hybrid, there will be an expectation to reside within commutable distance to the office/location specified in the job listing. This will include, but not limited to, weekly/bi-weekly/monthly events in the office with your specific team. This is a requirement for this role.
About the role:   You will join a high-impact team transforming healthcare through technology. Our platform connects fragmented clinical systems to enable real-time care coordination across thousands of healthcare facilities, serving millions of users. You will design and build scalable platform services, leveraging modern AI-augmented engineering practices to accelerate delivery, improve reliability, and enhance clinical and operational outcomes.   This role specifically leads our authorization platform initiative: modernizing how we express, evaluate, and audit access decisions across a multi-tenant healthcare SaaS. You'll set the strategy for moving from scattered, application-embedded authorization logic toward a coherent, externalized authorization architecture that supports clinicians, partners, automated systems, and increasingly agentic AI workflows    What your day-to-day will look like:

• Build robust platform services supporting clinical operations.
• Partner with product and clinical teams to understand and solve real workflow challenges.
• Drive architectural decisions for business platform services.
• Own the reliability and performance of critical healthcare solutions.
• Mentor team members on modern engineering practices.
• Lead the design and rollout of an externalized authorization platform spanning RBAC, ABAC, and ReBAC models, choosing the right model for each domain (clinical data, administrative actions, cross-tenant sharing, etc.).
• Define our PDP / PEP / PIP / PAP architecture, including policy authoring, distribution, caching, and decision logging for audit.
• Extend our current homegrown authorization solution and, where it makes sense, augment it with reputable OSS frameworks as pragmatic evolution over rip-and-replace.
• Partner with security, compliance, and product to translate HIPAA, consent, and least privilege requirements into enforceable policy
• Establish patterns for extending authorization to AI agents and automated actors (scoped credentials, delegated authority, human-in-the-loop approvals)

What qualifications we’re looking for:   Required Technical Experience

• Strong track record building and shipping production software in modern languages (Java, Python, or similar).
• Deep understanding of cloud-native architecture and distributed systems design patterns.
• Expertise in design, optimization, and scaling for relational (SQL) database systems, bonus points for NoSQL database systems.
• Experience designing and implementing RESTful APIs and microservices.
• Proficiency with test-driven development, automated testing, and maintaining high code quality.
• Hands-on experience with modern frontend frameworks, primarily React.
• Working knowledge of CI/CD pipelines and infrastructure-as-code practices.
• Experience with production observability, monitoring, and performance optimization tools.

Authorization Expertise

• Deep working knowledge of authorization models — RBAC, ABAC, and ReBAC and clear judgment on where each fits.
• Hands-on experience designing PDP / PEP / PIP / PAP separations, including policy decision caching, and failure-mode design (fail-open vs. fail-closed, with explicit reasoning for each surface).
• Practical experience with one or more OSS authorization frameworks in production.
• Strong grasp of AuthN ↔ AuthZ boundaries
• Experience authoring policy-as-code.
• Awareness of how authorization is evolving for AI agents and autonomous systems — comfortable reasoning about non-human principals, delegated authority, ephemeral identity, and the limits of current standards in agentic contexts.

Modern Engineering Practices 

• Comfortable using AI-augmented development tools (e.g., GitHub Copilot, Claude Code) as part of your workflow.
• Experience applying AI tools throughout the development lifecycle from requirements analysis, documentation to incident response.
• Strong code review skills demonstrated through giving and receiving constructive feedback.
• Experience with Git workflows and collaborative development practices.
• Ability to balance feature delivery with system reliability and technical excellence.
•  Comfortable with on-call responsibilities and incident response.

What Would Make You Stand Out:

• Experience building and scaling SaaS platforms.
• Track record of mentoring engineers or leading technical initiatives.
• Background with Spring Boot and Java ecosystem.
• Experience with Azure cloud services and Kubernetes (AKS).
• Experience in healthcare technology or regulated industries.
• Understanding of HIPAA compliance and handling sensitive data 

Our Stack:

• Front-End: React, Micro-Frontends,Material-UI
• Backend: Java, Spring Boot
• Data: PostgreSQL, MSSQL, Redis
• CI/CD: GitHub Actions, Jenkins
• Infrastructure: Azure, AKS, Terraform
• AI Tooling: Claude Code 

    #LI-Aj1 #LI-Hybrid  PointClickCare Benefits & Perks:
Benefits starting from Day 1!Retirement Plan Matching Flexible Paid Time OffWellness Support Programs and ResourcesParental & Caregiver LeavesFertility & Adoption SupportContinuous Development Support ProgramEmployee Assistance Program Allyship and Inclusion CommunitiesEmployee Recognition … and more!
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations. As part of our commitment to a streamlined and equitable hiring experience, PointClickCare uses AI tools to assist with candidate screening and assessment.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it.  If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com 
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.