Lead Software Engineer - Remote

Optum Tech is a global leader in health care innovation. Our teams develop cutting‑edge solutions that help people live healthier lives and help make the health system work better for everyone. From advanced data analytics and AI to cybersecurity, we use innovative approaches to solve some of health care's most complex challenges. Your contributions here have the potential to change lives.

Ready to build the next breakthrough? Join us to start Caring. Connecting. Growing together.

Aikyam is the most advanced "Identity as a Service" Platform within United Health Group that is aimed to provide a central and universal user identity for identifying and authenticating a user in the healthcare domain. It is built upon open standards like OAuth 2.0, OpenID Connect, SAML 2.0 Web SSO etc. It is a highly available, reliable and scalable service hosted in public cloud.

We enjoy the trust of large customers in healthcare industry and government services with operations across United States of America.

* You'll enjoy the flexibility to work remotely from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.

• Define architecture and design patterns to ensure consistent, scalable, and efficient implementation of Identity Platform solutions
• Provide technical vision and engineering leadership for identity management across multiple platforms and ecosystems
• Ensure all solutions comply with enterprise IT principles, security standards, and healthcare regulations (HIPAA, TEFCA, CMS Interoperability)
• Lead intake scoping, solution concept development, and initial cost estimation, including logical-level system architecture definition
• Create end-to-end architecture blueprints, covering integration of applications, systems, platforms, and technical infrastructure
• Collaborate with solution engineering, development teams, partners, and vendors to maintain a coherent and consistent approach to design, implementation, and integration
• Provide hands‑on technical guidance, including reference implementations, reusable design patterns, and best‑practice guidelines
• Integrate AI and ML capabilities into identity workflows for adaptive authentication, fraud detection, and risk‑based access control
• Design and implement AI‑driven security analytics to detect anomalies, predict threats, and automate incident response in large‑scale environments
• Develop machine learning models for identity proofing, behavioral risk scoring, and continuous authentication
• Architect data‑driven security monitoring systems leveraging AI for real‑time threat hunting, predictive analytics, and automated remediation
• Research and adopt proactive AI‑based security strategies, such as anomaly detection, threat modeling, and autonomous policy enforcement
• Enable Agentic Identity frameworks, allowing AI agents to act under controlled, auditable delegated identities for secure automation
• Incorporate conversational AI and NLU into identity platforms for guided user experiences, troubleshooting, and self‑service authentication flows
• Establish AI governance and compliance controls, ensuring transparency, explainability, and bias mitigation in identity‑related AI models

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

• 8+ years of hands‑on technical experience in implementing secure enterprise applications using cloud technologies
• 6+ years of relevant experience in Identity & Access Management and Information Security
• 6+ years of experience with identity protocols (OAuth2, OIDC, SAML) and integrating AI into these flows
• 6+ years of experience with Identity federation, Single Sign‑On, RBAC, ABAC, MFA, RBA
• 6+ years of experience in Threat, Vulnerability & Risk management, Infrastructure security
• Hands‑on working experience with SailPoint, Forge Rock, Ping, Okta, One Login, Azure AD or similar IAM products
• Knowledge…