Experienced Information Security Engineer

Summary

Seeking a Senior Identity & Access Management Engineer to implement, automate, and operate federated identity integrations in support of modern healthcare applications. This role focuses on hands-on delivery of authentication and authorization solutions using industry-standard protocols, while applying CI/CD and automation practices to ensure identity changes are repeatable, reliable, and low risk.

The ideal candidate is an engineer who can work deeply in identity configurations, application integrations, and deployment pipelines, translating approved designs into production-ready solutions that scale across workforce and customer-facing use cases.

Your role in our mission

• Implement and support federated authentication and authorization integrations using OpenID Connect, OAuth 2.1, and SAML 2.0.
• Configure and maintain identity integrations for web, mobile, and API-based applications, including:
• Client registrations and trust relationships
• Token claims, scopes, and attribute mappings
• Certificates, signing keys, and rotation processes
• Support application modernization efforts by:
• Migrating legacy authentication mechanisms to standards-based federation
• Enabling token-based access for APIs and distributed services
• Supporting decoupled identity patterns for modern application architecture
• Build and maintain CI/CD pipelines for identity configurations and integrations, including:
• Source control of identity artifacts
• Automated deployment and promotion between environments
• Validation and rollback of identity changes
• Apply infrastructure-as-code or configuration-as-code principles to identity platforms where possible.
• Collaborate with application teams to implement identity integrations according to established patterns and standards.
• Troubleshoot complex authentication and authorization issues using logs, HTTP traces, and token inspection.
• Support operational identity activities such as incident response, certificate renewal, and configuration maintenance.
• Strong contribution to technical documentation, runbooks, and implementation guides.

What we're looking for

• 7+ years of experience in IAM, application security, or identity-focused engineering roles.
• Strong hands-on experience with:
• OpenID Connect and OAuth 2.1 flows and grant types
• SAML 2.0 federation configurations
• JWT signing, encryption, and validation
• Practical experience integrating identity with modern web and API architectures.
• Experience implementing CI/CD pipelines and Git-based workflows.
• Strong automation skills using scripting or pipeline tooling.
• Proven ability to deliver identity changes safely in regulated or security-sensitive environments.
• Strong troubleshooting skills at the protocol and application integration level.

What you should expect in this role

• Remote position (US only)
• Opportunities to travel through your work (0-10%)
• Video cameras must be used during all interviews, as well as during the initial week of orientation
• The deadline to submit applications for this posting is 5/30/2026