Senior Identity Systems Engineer

Irving, Texas, United States (hybrid)
8 days ago


Position Summary:

As a senior IAM Engineer, you will contribute during the design, configuration, deployment, and operations phases in the area of Identity and Access Management (IAM). This includes Access Management (IAM), Identity Governance (IGA) and Identity Management solutions. This position is expected to have hands-on experience in a fast-paced environment, working with Business and Internal customers to deliver complex access management solutions. Expectations also include deep debugging and issue-triaging skills to mitigate risks, resolve issues and deliver modern access management solutions.

Position Description:

  • Will be responsible for following the standards of McKesson for Identity, MFA, Access Management, and related environments

  • Performs hands on support and implementations of IAM solutions across multiple platforms as required, including but not limited to federation and backend development

  • Deliver modern access management integrations for B2B, B2C and B2E customers

  • Acts as lead on large projects for Business Units to provide IAM solutions as needed in a team environment

  • Evaluates and tests IAM products and platforms, makes recommendations, and develops plans and implementations.

  • Continually seeks ways to automate redundant functions to improve quality and efficiencies of tasks.

  • Documents standards, architecture, implementation procedures, and troubleshooting.

  • Manages customer expectations. Keeps the customer aware of the project status, critical issues, and risks. Obtains stakeholder buy-in at appropriate toll gates.

  • Provide expert advice and assistance relating to all aspects of identity to broader IT, BU, and international teams, while communicating concepts of IAM to a broad range of audiences inside and outside of the team

  • Gather and document technical requirements needed for integration with IDM, Access Manager, Privileged Access Services etc.

  • Collaborate closely with the various global Security, Information Technology, BU, and application teams to ensure IAM tools, configurations, and industry best practices are implemented uniformly across the enterprise

  • Frequently evaluate IAM technologies and services, ensuring leadership is aware of the current IDM industry landscape

  • Create and maintain technical documentation such as SOPs, design documents, operational drawings, manuals, etc.

  • Stays current on latest technologies and trends

  • Participate in On-Call rotation

  • Provide light project management duties as needed and where required.

  • Enhances information competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members

  • Maintains an understanding of key Business Unit initiatives to provide effective Identity services and solutions

  • Provide escalation leadership and support when needed for AD, IAM tools, backend servers and databases, etc. 

  • Keeps management well informed on a timely basis of progress, status, and concerns for each assignment

  • Effectively communicates ideas and information to peers, management, and customers

  • Responsible for training, mentoring, directing, and validating the work of less experienced/knowledgeable team members

  • Perform additional work as requested



Minimum Requirements:

  • 6+ years of experience in integrating, developing, or administering access management security solutions in a large organization

  • 5+ years’ hands-on experience developing/configuring access management solutions using Okta or other IAM products (e.g., PingFederate, Auth0, etc.)

  • 5+ years of experience with identity federation and SSO via SAML, OIDC, and WS-FED

  • 5+ years’ experience in the field of Identity and Access Management

  • 5+ years’ experience integrating user account management across industry standard OS platforms

  • 4+ years of strong development experience developing solutions using a modern development language (preferably Java/J2EE, PowerShell, JavaScript etc.)

  • Experience in analysis and design work, with potential ability to develop and communicate architectural concepts, end state vision, and technology roadmaps.

  • Advanced knowledge of Active Directory, Azure AD, LDAP, or other directory systems

  • Experience with IAM technologies, and integrating with third-party applications

  • Knowledge of federation and SSO technologies such as SAML, OpenID Connect, OAuth, ADFS, or Multifactor Authentication

  • 3+ years’ experience implementing authentication and authorization within various application types (SPA, Machine to Machine (API Access), MVC)

  • 3+ years’ experience implementing infrastructure services authentication and authorization (AD, Kerberos, LDAP(S), TACACS+, etc.)

  • 5+ years’ experience with security compliance, governance, audit, and risk management.

  • Working knowledge of cloud-based systems, virtualization, container orchestration, and common application architectures

  • Advanced experience integrating and federating different IDM technologies across multiple domains.

Preferred Skills:

  • Technical Experience in the following: Okta Classic and Okta Identity Engine, IdP, AD, LDAP

  • Advanced experience with automating user provisioning and reporting using industry standard platforms and programming languages (PowerShell, Python, Ansible, Terraform, etc.)

  • Advanced understanding of PKI, encryption schemes, and secure credential storage.

  • Advanced understanding of Key Management, secret vaulting, and PAM with products such as CyberArk PAM, HashiCorp Vault, or Thycotic

  • Advanced manipulation of authentication and authorization tokens (SAML assertions, OAuth claims, grants, and scopes, etc.)

Additional Skills:

  • Technical Experience in the following: Saviynt, RSA, Single Sign-On, OAuth, SAML, DNS, GCP, Azure, ADManager

  • Experience with web services using REST/SOAP

  • Strong Project and Time Management skills

  • Strong customer service and communication skills

  • Strong interpersonal and influencing skills

  • Able to exercise professional judgment within defined policies and procedures

  • Understanding of one or more control frameworks such as NIST, HIPAA-HITECH, SSAE 16, PCI, HITRUST, ISO 27001, etc. Solid understanding of SOX and other regulations related to Identity and Access Management including GDPR.

  • Experience with relational Databases such as MySQL, Oracle, Microsoft SQL Server

  • Preferred experience with cloud-based Identity services such as Microsoft Azure AD

  • Preferred experience with customer identity solutions

  • Preferred experience configuring identity providers such as ADFS

  • Solid understanding of current web and web application servers.

  • Familiar with healthcare, privacy, or financial compliance regulations and IT and security frameworks and standards

  • OSCP, SANS/GIAC, CISSP or similar professional certification is a plus

  • Must show progressive advancement in responsibility including deep troubleshooting technical skills

  • Ability to mentor junior staff and be a technical leader

  • Proactive, self-motivated, and goal-oriented


  • 4-year degree in computer science or related field or equivalent experience

Job Information

  • Job ID: 67871699
  • Workplace Type: Hybrid
  • Location:
    Irving, Texas, United States
    Alpharetta, Georgia, United States
  • Company Name For Job: McKesson
  • Position Title: Senior Identity Systems Engineer
  • Job Function: Security Engineer
  • Job Type: Full-Time
