[Remote] Software Engineer – Identity & Access Management
Note: The job is a remote job and is open to candidates in USA. McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. They are seeking a Software Engineer with deep interest and experience in Identity & Access Management to help design, build, and secure authentication and authorization capabilities across CoverMyMeds’ platforms.ResponsibilitiesDesign, build, and maintain authentication and authorization solutions using OIDC, OAuth 2.0, and SAMLIntegrate applications and APIs with identity platforms such as Okta, Auth0, Ping, or Microsoft Entra IDImplement SSO, MFA, federated authentication, session management, and secure token handlingContribute to identity services such as login gateways, authorization middleware, claims transformation, and access policy enforcementSupport SMART on FHIR (OAuth 2.0) use cases and unified authentication initiativesApply industry-standard security practices including least privilege, secure defaults, defense in depth, and secure secret handlingPartner with Security on threat modeling, risk reviews, and secure SDLC practicesImplement identity solutions aligned with NIST-based identity and access control principlesBuild production-quality systems using one or more of JavaScript/TypeScript, Ruby, Python, or C#Write clean, testable, maintainable code with strong engineering discipline (CI/CD, code reviews, automated testing)Create clear technical documentation for APIs, integrations, and operational supportParticipate in on-call or operational support for critical identity services as neededWork within a Kanban delivery model, managing flow and continuously improving quality and throughputCollaborate with Product, Security, and stakeholders to define outcomes and manage tradeoffsBring an enterprise-first mindset, constructively challenging designs and contributing new ideasSkills4+ years' experience building and shipping production software as an individual contributorDeep experience (4+ years) with Okta and/or Auth0 (policies, apps, federation, claims)Hands-on experience (4+ years) implementing or integrating authentication and authorization using OIDC, OAuth 2.0, and/or SAMLStrong understanding of secure engineering practices and common identity threatsExperience working in at least one of the following: JavaScript/TypeScript, Ruby, Python, C#Ability to collaborate across engineering, product, and security teams and communicate technical decisions clearlyExperience with SMART on FHIR, SCIM, directory integrations, or identity lifecycle managementFamiliarity with RBAC/ABAC, claims-based authorization, or policy enginesExperience in regulated environments and audit supportExperience improving reliability of critical auth systems (SLIs/SLOs, graceful degradation)BenefitsAnnual bonusLong-term incentive opportunitiesCompany OverviewWelcome to the official LinkedIn page for McKesson Corporation. It was founded in 1914, and is headquartered in Phoenix, Arizona, USA, with a workforce of 10001+ employees. Its website is https://www.chase.com/.