[Remote] Software Engineer – Identity & Access Management

Note: The job is a remote job and is open to candidates in USA. McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. They are seeking a Software Engineer with deep interest and experience in Identity & Access Management to help design, build, and secure authentication and authorization capabilities across CoverMyMeds’ platforms.

Responsibilities

• Design, build, and maintain authentication and authorization solutions using OIDC, OAuth 2.0, and SAML
• Integrate applications and APIs with identity platforms such as Okta, Auth0, Ping, or Microsoft Entra ID
• Implement SSO, MFA, federated authentication, session management, and secure token handling
• Contribute to identity services such as login gateways, authorization middleware, claims transformation, and access policy enforcement
• Support SMART on FHIR (OAuth 2.0) use cases and unified authentication initiatives
• Apply industry-standard security practices including least privilege, secure defaults, defense in depth, and secure secret handling
• Partner with Security on threat modeling, risk reviews, and secure SDLC practices
• Implement identity solutions aligned with NIST-based identity and access control principles
• Build production-quality systems using one or more of JavaScript/TypeScript, Ruby, Python, or C#
• Write clean, testable, maintainable code with strong engineering discipline (CI/CD, code reviews, automated testing)
• Create clear technical documentation for APIs, integrations, and operational support
• Participate in on-call or operational support for critical identity services as needed
• Work within a Kanban delivery model, managing flow and continuously improving quality and throughput
• Collaborate with Product, Security, and stakeholders to define outcomes and manage tradeoffs
• Bring an enterprise-first mindset, constructively challenging designs and contributing new ideas

Skills

• 4+ years' experience building and shipping production software as an individual contributor
• Deep experience (4+ years) with Okta and/or Auth0 (policies, apps, federation, claims)
• Hands-on experience (4+ years) implementing or integrating authentication and authorization using OIDC, OAuth 2.0, and/or SAML
• Strong understanding of secure engineering practices and common identity threats
• Experience working in at least one of the following: JavaScript/TypeScript, Ruby, Python, C#
• Ability to collaborate across engineering, product, and security teams and communicate technical decisions clearly
• Experience with SMART on FHIR, SCIM, directory integrations, or identity lifecycle management
• Familiarity with RBAC/ABAC, claims-based authorization, or policy engines
• Experience in regulated environments and audit support
• Experience improving reliability of critical auth systems (SLIs/SLOs, graceful degradation)

Benefits

• Annual bonus
• Long-term incentive opportunities

Company Overview