Posted 2 hours ago
Senior Identity Engineer
at Why Hiring
Remote
Responsibilities
- Core IAM & Lifecycle Automation: Architect and manage HR-driven provisioning by integrating Okta with Workday (Workday-as-a-Master) to automate complex attribute mapping and secure JML (Joiner/Mover/Leaver) lifecycles.
- Policy-Based Access Control (PBAC): Implement decoupled authorization for cloud-native applications utilizing Open Policy Agent (OPA) and authoring strict access policies in Rego.
Requirements
- We are seeking a highly specialized and visionary Identity Engineer to architect, build, and govern the unified identity ecosystems that secure our human workforce, cloud infrastructure, and autonomous AI agents.
- You will lead strategic initiatives to modernize our identity stack, moving beyond traditional IAM to pioneer Non-Human Identity (NHI) and AI agent governance in a strictly regulated healthcare environment (HIPAA).
- SaaS Ecosystem Security: Engineer and deploy robust SSO (SAML 2.0, OIDC, OAuth 2.0) and SCIM provisioning for major enterprise applications, particularly Salesforce and Google Workspace.
- Cloud Identity Architecture: Design least-privilege policies and manage AWS Identity Security, including cross-account role assumption, identity federation via Okta, and AWS SSO (Identity Center).
- AI Agent Governance: Secure autonomous AI workflows by assigning distinct identities to AI models, governing their API access, and applying strict sandboxing to prevent unauthorized data retrieval.
- Contextual Access & Device Trust: Implement zero-trust device posture checks by integrating MDM telemetry and device certificates with Okta to enforce contextual, frictionless access for a mixed fleet of macOS and Windows endpoints.
- Cloud Proficiency: Strong hands-on background in AWS IAM, OPA, Rego, and designing zero-trust cloud architectures.
- NHI & Automation Expertise: Proven track record discovering, managing, and rotating machine identities, combined with a forward-looking approach to securing programmatic AI workflows.
- Experience integrating core HRIS platforms (Workday) with Identity Providers, alongside managing complex fleet authentication (macOS/Windows).
- Certifications: Okta, AWS or SANS relevant Identity certifications.
Experience
- Experience: 5+ years of hands-on
Benefits
- We believe that the U.S. healthcare system is in need of transformation, and we come to work each day dedicated to making that change a reality.
- Benefits including Medical, Pharmacy, Dental, Vision, Life Insurance, and AD&D Insurance
- Flexible Spending Benefits
- 401(k) Retirement Savings Program
- Discretionary Paid Time Off
- Paid Company Holidays
- Wellness Benefits
- Paid Parental Leave benefits
Additional details
- SmithRx is a rapidly growing, venture-backed Health-Tech company. Our mission is to disrupt the expensive and inefficient Pharmacy Benefit Management (PBM) sector by building a next-generation drug acquisition platform driven by cutting-edge technology, innovative cost-saving tools, and best-in-class customer service. With hundreds of thousands of members onboarded since 2016, SmithRx has a solution that is resonating with clients all across the country.
- We pride ourselves on our mission-driven and collaborative culture that inspires our employees to do their best work.
- Integrity: Our purpose guides our actions and gives us confidence in the path ahead.
- With unwavering honesty and dependability, we embrace the pressure of challenging the old and exemplify ethical leadership to create the new.
- Courage: We face continuous challenges with grit and resilience.
- We embrace the discomfort of the unknown by balancing autonomy with empathy, and ownership with vulnerability.
- We boldly challenge the status quo to keep moving forward—always.
- Together: The success of SmithRx reflects the strength of our partnerships and the commitment of our team.
- Our shared values bind us together and make us one.
- When one falls, we all fall; when one rises, we all rise.