Batteries-included authorization.

See all jobs
Early-stage startup
Fiddler, Intercom, Wayfair, Visa, Codecademy... See all
See all jobs

Working at Oso

At Oso, we're building the first batteries-included system for authorization so developers don't have to roll it on their own anymore. We're building slick APIs so they can get started quickly, and a fully-fledged policy language under the hood so they can customize their system however they need. We don't rely on product managers to spec out projects–the engineers on the team take big problems, experiment with solutions and ship a superhuman experience for our users.

Tech stack


Customer case studies

Fiddler adopted Oso as a way to retrofit access control to their existing product. The documentation, examples and the support provided on the slack channels is just plain awesome.

Wayfair spent that first week implementing and quickly had our design implemented using the Oso framework. This let us write an authorization policy in their declarative language, Polar.

How engineering works at Oso

How are the teams structured?

2- or 3-person teams organized temporarily around high-level goals.

What tools do engineers use?

  • Git for version control
  • Development: GitHub (Actions for CI)
  • Issue tracking: Linear
  • Diagrams: Excalidraw
  • Communication: Slack
  • Documentation: Hugo
  • Infrastructure:, AWS
  • Monitoring: Honeycomb

Can developers pick their own tools?

Yes! 🌈

How does the development process work? What's the process for working through bugs, features and tech debt?

  • Weekly cycles
  • Everyone participates in product work: new concept ideation, project definition, prioritization thinking, etc.
  • Projects are prioritized around blend of
    • Net new capabilities/features/functionality, while
    • Maintaining a bound on identified technical debt;
    • With an eye toward customer acquisition

How does code get reviewed, merged, and deployed?

  • Post in Slack when code is ready for review
  • Common to do a live walkthrough for larger pieces of work
  • Code can only be merged to main when it has at least one approval

What is the QA process?

  • Tests run on every pull request. Tests must be passing in order to merge.
  • Additional tests run on merge to main (e.g. the vast majority of the release process if tested on merging to main, failures are notified in Slack).

What are some recent examples of interesting development challenges solved by internal teams as part of building the product?

Some examples of things we’ve worked on are:

  • We designed new built-in authorization primitives for our declarative policy language, Polar, taking inspiration from interfaces and traits in Rust, and function prototypes in C.
  • We built an interactive debugger and tracing to help users understand their policies and improve our internal development process.
  • We tracked down a memory leak in our Go library by looking at a user’s memory usage charts from Datadog.

How does on-call work?

Weekly rotation where you’re responsible for community Slack, customer chat, and Github issues.

Hiring process at Oso

How does the application process work? What are the stages and what is the timeline?

Our interview process is posted on our career’s page FAQ, which includes detailed information on the specific questions we ask.

Stages: Initial screening, debugging exercise, onsite interview, references, offer Timeline: We work with each applicant’s timeline and needs as it relates to their readiness to make a decision.

We can move as fast as a few days and as slow as a month, but we prefer to move as fast as possible 😊

What is the career progression framework? How are promotions and performance reviews managed?

Currently, career progression is tracked and scaled individually. As we continue to grow the team, we know that this won’t be possible moving forward, so we are working to build a program that is suitable for all team members.

About Console

Console is the place developers go to find the best tools. Each week, our weekly newsletter picks out the most interesting tools and new releases. We keep track of everything - dev tools, devops, cloud, and APIs - so you don't have to.