CAQH
Join to apply for the
Identity and Access Management Engineer
role at
CAQH
Position Summary We are looking for a highly skilled engineer with demonstrated expertise in Identity and Access Management (IAM) as well as Customer Identity Access Management (CIAM) technologies. The selected candidate will be responsible for planning, designing, and implementing IAM systems. This is a full-time, remote, exempt position and reports to the Director, Identity and Access Management.
Base Salary Range:
$130,000 – 165,000 annually.
Specific Responsibilities
Own the end-to-end technical design of IAM services, including identity lifecycle management, authentication, authorization, SSO, and privileged access controls, ensuring they are secure, scalable, and highly available.
Lead design and implementation of IAM integrations for SaaS and cloud platforms, including federation (SAML, OIDC, OAuth), MFA, and Passwordless capabilities.
Serve as the primary escalation point for complex IAM engineering issues; perform root‑cause analysis and drive long-term remediation and hardening of IAM platforms and related services.
Partner with Information Security architecture, infrastructure, application, and HR/IT teams to align IAM solutions with enterprise security strategy, compliance obligations, and business objectives.
Define IAM engineering standards, patterns, and reference architectures; guide other engineers in implementing secure onboarding patterns for applications into IGA, PAM, and SSO platforms.
Contribute to audits, risk assessments, and regulatory reviews by providing technical evidence, designing compensating controls, and closing identified IAM control gaps.
Develop architecture diagrams, process workflows, and technical documentation for identity governance frameworks.
Design and implement API integrations to enhance automation and system interoperability.
Implement customer identity workflows following standards like OAuth2, OpenID Connect, SAML and FIDO-based authentication.
Develop and optimize CIAM integrations across mobile apps, web applications, APIs, and cloud-native services.
Supervisory Responsibilities
None.
Skills
Deep expertise with Okta.
Strong hands‑on experience with Microsoft Entra ID and Active Directory as foundational directory services, and extensive experience implementing federation protocols (SAML, OIDC, OAuth2).
Proven track record designing and implementing IAM solutions in multi‑cloud environments, including the automation of provisioning, access reviews, and RBAC/ABAC models.
Experience with secrets management solutions.
Proficiency in at least one scripting or programming language (such as PowerShell, Python, or Java) to automate tasks and build custom connectors for our IAM tools.
Experience
10+ years of experience in Information Security or infrastructure engineering, with at least 5 years of hands‑on‑keyboard experience with core IAM platforms.
Education
Bachelor’s degree preferred.
Cloud Security Certifications, CISSP or CCSP certifications preferred.
Who We Are The Council for Affordable Quality Healthcare (CAQH) was formed by health plans who came together nearly 25 years ago with the desire to make healthcare work better. Today, we are trusted by stakeholders from across the healthcare ecosystem to improve business processes and offer the most comprehensive provider and member data in the United States.
What You Get CAQH recognizes that its most important asset is its growing team of smart, creative, collaborative, forward‑thinking and passionate professionals – and that a comprehensive employee benefits package is an important factor for them in choosing where to work. CAQH offers competitive compensation along with an extensive benefits package for all full‑time employees, including medical, dental and vision coverage, tuition assistance and a 401k. We offer full‑time remote work to all staff from any location and maintain a physical office in downtown Washington, DC.
At CAQH, we are proud of our active commitment to equal opportunities for all. Our teams work diligently to foster a workplace where all individuals are valued, respected, and empowered. We embrace different perspectives and are dedicated to providing equal opportunities for everyone to thrive. Join us in our mission to transform healthcare through innovative technology solutions while making a positive impact on the lives of diverse communities.
CAQH is an equal opportunity employer. It is our policy to recruit, hire, train, and promote individuals, as well as administer any and all personnel actions, without regard to race, color, religion, sex, national origin or ancestry, age, marital status, disability, protected veteran status, personal appearance, sexual orientation, gender identity or expression, familial status, family responsibilities, matriculation, political affiliation, genetic information, source of income, place of residence, or any other characteristic protected by law. CAQH will not tolerate any unlawful discrimination, and any such conduct is strictly prohibited.
Applicants have rights under the Family Medical Leave Act (FMLA), Equal Employment Opportunity (EEO), and the Employee Polygraph Protection Act (EPPA). If you are interested in applying for employment with CAQH and need an accommodation to apply for a posted position, contact CAQH Human Resources at 202-517-0436.
#J-18808-Ljbffr
Identity and Access Management Engineer
role at
CAQH
Position Summary We are looking for a highly skilled engineer with demonstrated expertise in Identity and Access Management (IAM) as well as Customer Identity Access Management (CIAM) technologies. The selected candidate will be responsible for planning, designing, and implementing IAM systems. This is a full-time, remote, exempt position and reports to the Director, Identity and Access Management.
Base Salary Range:
$130,000 – 165,000 annually.
Specific Responsibilities
Own the end-to-end technical design of IAM services, including identity lifecycle management, authentication, authorization, SSO, and privileged access controls, ensuring they are secure, scalable, and highly available.
Lead design and implementation of IAM integrations for SaaS and cloud platforms, including federation (SAML, OIDC, OAuth), MFA, and Passwordless capabilities.
Serve as the primary escalation point for complex IAM engineering issues; perform root‑cause analysis and drive long-term remediation and hardening of IAM platforms and related services.
Partner with Information Security architecture, infrastructure, application, and HR/IT teams to align IAM solutions with enterprise security strategy, compliance obligations, and business objectives.
Define IAM engineering standards, patterns, and reference architectures; guide other engineers in implementing secure onboarding patterns for applications into IGA, PAM, and SSO platforms.
Contribute to audits, risk assessments, and regulatory reviews by providing technical evidence, designing compensating controls, and closing identified IAM control gaps.
Develop architecture diagrams, process workflows, and technical documentation for identity governance frameworks.
Design and implement API integrations to enhance automation and system interoperability.
Implement customer identity workflows following standards like OAuth2, OpenID Connect, SAML and FIDO-based authentication.
Develop and optimize CIAM integrations across mobile apps, web applications, APIs, and cloud-native services.
Supervisory Responsibilities
None.
Skills
Deep expertise with Okta.
Strong hands‑on experience with Microsoft Entra ID and Active Directory as foundational directory services, and extensive experience implementing federation protocols (SAML, OIDC, OAuth2).
Proven track record designing and implementing IAM solutions in multi‑cloud environments, including the automation of provisioning, access reviews, and RBAC/ABAC models.
Experience with secrets management solutions.
Proficiency in at least one scripting or programming language (such as PowerShell, Python, or Java) to automate tasks and build custom connectors for our IAM tools.
Experience
10+ years of experience in Information Security or infrastructure engineering, with at least 5 years of hands‑on‑keyboard experience with core IAM platforms.
Education
Bachelor’s degree preferred.
Cloud Security Certifications, CISSP or CCSP certifications preferred.
Who We Are The Council for Affordable Quality Healthcare (CAQH) was formed by health plans who came together nearly 25 years ago with the desire to make healthcare work better. Today, we are trusted by stakeholders from across the healthcare ecosystem to improve business processes and offer the most comprehensive provider and member data in the United States.
What You Get CAQH recognizes that its most important asset is its growing team of smart, creative, collaborative, forward‑thinking and passionate professionals – and that a comprehensive employee benefits package is an important factor for them in choosing where to work. CAQH offers competitive compensation along with an extensive benefits package for all full‑time employees, including medical, dental and vision coverage, tuition assistance and a 401k. We offer full‑time remote work to all staff from any location and maintain a physical office in downtown Washington, DC.
At CAQH, we are proud of our active commitment to equal opportunities for all. Our teams work diligently to foster a workplace where all individuals are valued, respected, and empowered. We embrace different perspectives and are dedicated to providing equal opportunities for everyone to thrive. Join us in our mission to transform healthcare through innovative technology solutions while making a positive impact on the lives of diverse communities.
CAQH is an equal opportunity employer. It is our policy to recruit, hire, train, and promote individuals, as well as administer any and all personnel actions, without regard to race, color, religion, sex, national origin or ancestry, age, marital status, disability, protected veteran status, personal appearance, sexual orientation, gender identity or expression, familial status, family responsibilities, matriculation, political affiliation, genetic information, source of income, place of residence, or any other characteristic protected by law. CAQH will not tolerate any unlawful discrimination, and any such conduct is strictly prohibited.
Applicants have rights under the Family Medical Leave Act (FMLA), Equal Employment Opportunity (EEO), and the Employee Polygraph Protection Act (EPPA). If you are interested in applying for employment with CAQH and need an accommodation to apply for a posted position, contact CAQH Human Resources at 202-517-0436.
#J-18808-Ljbffr