Posted Jun 25, 2026

[Remote] Software Engineer – Identity & Access Management

Apply Now
Note: The job is a remote job and is open to candidates in USA. McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. They are seeking a Software Engineer with deep interest and experience in Identity & Access Management to help design, build, and secure authentication and authorization capabilities across CoverMyMeds’ platforms. Responsibilities • Design, build, and maintain authentication and authorization solutions using OIDC, OAuth 2.0, and SAML • Integrate applications and APIs with identity platforms such as Okta, Auth0, Ping, or Microsoft Entra ID • Implement SSO, MFA, federated authentication, session management, and secure token handling • Contribute to identity services such as login gateways, authorization middleware, claims transformation, and access policy enforcement • Support SMART on FHIR (OAuth 2.0) use cases and unified authentication initiatives • Apply industry-standard security practices including least privilege, secure defaults, defense in depth, and secure secret handling • Partner with Security on threat modeling, risk reviews, and secure SDLC practices • Implement identity solutions aligned with NIST-based identity and access control principles • Build production-quality systems using one or more of JavaScript/TypeScript, Ruby, Python, or C# • Write clean, testable, maintainable code with strong engineering discipline (CI/CD, code reviews, automated testing) • Create clear technical documentation for APIs, integrations, and operational support • Participate in on-call or operational support for critical identity services as needed • Work within a Kanban delivery model, managing flow and continuously improving quality and throughput • Collaborate with Product, Security, and stakeholders to define outcomes and manage tradeoffs • Bring an enterprise-first mindset, constructively challenging designs and contributing new ideas Skills • 4+ years' experience building and shipping production software as an individual contributor • Deep experience (4+ years) with Okta and/or Auth0 (policies, apps, federation, claims) • Hands-on experience (4+ years) implementing or integrating authentication and authorization using OIDC, OAuth 2.0, and/or SAML • Strong understanding of secure engineering practices and common identity threats • Experience working in at least one of the following: JavaScript/TypeScript, Ruby, Python, C# • Ability to collaborate across engineering, product, and security teams and communicate technical decisions clearly • Experience with SMART on FHIR, SCIM, directory integrations, or identity lifecycle management • Familiarity with RBAC/ABAC, claims-based authorization, or policy engines • Experience in regulated environments and audit support • Experience improving reliability of critical auth systems (SLIs/SLOs, graceful degradation) Benefits • Annual bonus • Long-term incentive opportunities Company Overview • Welcome to the official LinkedIn page for McKesson Corporation. It was founded in 1994, and is headquartered in Richmond, Virginia, USA, with a workforce of 10001+ employees. Its website is https://mms.mckesson.com/. Apply To This Job