Key skills
Identity & Access ManagementInformation SecurityOAuth 2.0OpenID ConnectSAML 2.0Identity federationSingle Sign-OnRBACABACMFARBAPasswordless authenticationThreat managementVulnerability managementRisk managementInfrastructure securityJavaSpringBootRESTful Web ServicesMicroservicesPythonPowerShellWeb application architecturesTCP/IP networkingCloud computingCryptographic techniquesSite Reliability EngineeringDDoS mitigationWeb Application FirewallsHTTP(s)TCP/UDPSSL/TLSForward and reverse proxiesLoad balancersSANS Top 20 Critical Security ControlsOWASP Top 10 vulnerabilitiesAWS CertificationsSailPointForgeRockPingOktaOneLoginAzure ADSecurity AnalyticsAIMachine learningHealthcare industry applicationsFISMAFedRAMPHIPAANIST800-53NIST800-63GDPRMachine LearningAnalyticsAWSAzureIAMOAuthSAMLIdentity ManagementSSORESTfulSaaSRisk ManagementOWASPCloud Security
About this role
Optum is a global organization focused on improving health outcomes through technology. They are seeking a Principal Software Engineer to design and maintain identity and access management solutions in cloud environments, ensuring security and aligning with business needs.
Responsibilities:
- Plan, define, design, implement and maintain the solution architecture in the area of internal and external identity & access management solution in public and private cloud environments
- Adopt, implement and define guidelines using open standard identity protocols and mechanisms such as OAuth 2.0/ OpenID Connect, SAML 2.0, Federated Identity Management and SSO
- Assess overall Identity platform and cloud security posture at frequent intervals. Redesign or evolve the posture as necessary
- Researches, Implements and promotes the adoption of proactive security concepts, such as threat hunting and threat modelling to improve the existing security strategy
- Drive architectural initiatives that align our business needs and technical capabilities for Identity Management solutions
Requirements:
- 8+ years of hands-on technical experience in implementing secure large-scale enterprise applications or SaaS platforms using cloud technologies
- 6+ years of relevant experience in Identity & Access Management and Information Security
- 3+ years of experience in OAuth 2.0, OpenID Connect, SAML 2.0, Identity federation, Single Sign-On, RBAC, ABAC, MFA, RBA, and Passwordless
- 3+ years of experience in Threat, Vulnerability & Risk management, Infrastructure security
- 3+ years of development experience on Java, SpringBoot, RESTful Web Services and Microservices
- 3+ years of experience in Scripting languages (Python and PowerShell)
- 3+ years of experience in web application architectures, TCP/IP networking, cloud computing and data integrity and confidentiality including cryptographic techniques
- 2+ years of demonstrable experience in Site Reliability Engineering and DDoS mitigation techniques
- 2+ years/knowledge of Web Application Firewalls, HTTP(s), TCP/UDP, SSL/TLS, Forward and reverse proxies, Load balancers
- 2+ years/knowledge of SANS Top 20 Critical Security Controls and OWASP Top 10 vulnerabilities
- Implementation of Technology specifications and/or RFCs
- AWS Certifications
- Hands-on working experience with SailPoint, ForgeRock, Ping, Okta, OneLogin, Azure AD or similar IAM product development
- Experience in implementing Security Analytics using AI and machine learning
- Experience in healthcare industry applications development and support
- Familiarity with security, privacy and compliance standards such as FISMA, FedRAMP, HIPAA, NIST800-53, NIST800-63 and GDPR
- All employees working remotely will be required to adhere to UnitedHealth Group's Telecommuter Policy