Software Engineer – Identity & Access Management

Job Overview

We are hiring a Software Engineer to join Cover My Meds ’ core Identity & Access Management (IAM) platform team. In this hands‑on, product‑oriented role you will design, build, and secure authentication and authorization capabilities across our web applications.

• Design, build, and maintain authentication and authorization solutions using OIDC, OAuth 2.0, and SAML.
• Integrate applications and APIs with identity platforms such as Okta, Auth0, Ping, or Microsoft Entra .
• Implement SSO, MFA, federated authentication, session management, and secure token handling.
• Contribute to identity services such as login gateways, authorization middleware, claims transformation, and access policy enforcement.
• Support SMART on FHIR (OAuth 2.0) use cases and unified authentication initiatives.
• Apply industry‑standard security practices including least privilege, secure defaults, defense in depth, and secure secret handling.
• Partner with Security on threat modeling, risk reviews, and secure SDLC practices.
• Implement identity solutions aligned with NIST‑based identity and access control principles.
• Build production‑quality systems using JavaScript/Type Script, Ruby, Python, or C#.
• Write clean, testable, maintainable code with CI/CD, code reviews, and automated testing.
• Create clear technical documentation for APIs, integrations, and operational support.
• Participate in on‑call or operational support for critical identity services as needed.

Work within a Kanban delivery model, manage flow, and continuously improve quality and throughput. Collaborate with Product, Security, and stakeholders to define outcomes and manage trade‑offs, bringing an enterprise‑first mindset and constructively challenging designs.

• Degree or equivalent and 4+ years of relevant experience.
• 4+ years building and shipping production software as an individual contributor.
• Deep experience (4+ years) with Okta and/or Auth0 (policies, apps, federation, claims).
• Hands‑on 4+ years implementing or integrating authentication and authorization using OIDC, OAuth 2.0, and/or SAML.
• Strong understanding of secure engineering practices and common identity threats.
• Experience in at least one of:
  JavaScript/Type Script, Ruby, Python, or C#.
• Ability to collaborate across engineering, product, and security teams and communicate technical decisions clearly.

• Experience with SMART on FHIR, SCIM, directory integrations, or identity lifecycle management.
• Familiarity with RBAC/ABAC, claims‑based authorization, or policy engines.
• Experience in regulated environments and audit support.
• Experience improving reliability of critical auth systems (SLIs/SLOs, graceful degradation).

Priority will be given to candidates who reside in the Columbus, OH metropolitan area. We are unable to provide sponsorship for this role now or in the future.

Base pay range: $100,100 – $166,900. Additional compensation such as an annual bonus or long‑term incentive opportunities may be offered. Other benefits are available through McKesson’s Total Rewards program.

McKesson is an Equal Opportunity Employer. We provide equal employment opportunities to applicants and employees, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other legally protected category. Accommodations are available on request for candidates taking part in all aspects of the selection process. If you require accommodation, please email Disabili

McKesson has become aware of online recruiting‑related scams. McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application. They do not communicate via online chatrooms or email accounts such as Gmail or Hotmail. Scams may use the McKesson name in fraudulent emails, posts, or social media messages.

To learn more about benefits at McKesson, please visit our career site at