Sr. Full Stack Security Software Engineer IAM (Identity and Access Management) – Hybrid 3 days

Job Title : Sr. Full Stack Security Software Engineer IAM (Identity and Access Management) Hybrid 3 days

Location :

Pleasanton / Bay Area California working at a Healthcare Company Hybrid 3 days a week.

Job Location

Pleasanton CA

Remote Work Policy

In office Hybrid 3 days (Tues-Thurs)

Visa Sponsorship

Available

Relocation - NOT Allowed

Client Overview :

Client is a EMR Software Company where healthcare meets true innovation. Its a clinician-driven AI-powered platform thats changing how providers deliver care and theyre growing is an all-in-one cloud-based platform that covers Electronic Health Records (EHR) Practice Management Patient Engagement Telehealth Revenue Cycle Management and Medical Billing. Client is redefining the intersection of technology and healthcare. Their all in one cloud-based platform brings together EHR Telehealth billing and patient engagement all powered by AI automation and scalable architecture. Engineers at the client EMR company work with modern technologies like AI driven transcription intelligent data analytics and API integrations that directly impact real-world clinical workflows. Its a place where innovation isnt theoretical and every feature you build helps doctors spend more time caring for patients not clicking through systems. The culture values curiosity collaboration and purpose driven problem solving.

Job Description :

This role will play a key role in designing building and maintaining the Identity and Access Management (IAM) systems that power CharmHealths cloud-based Electronic Health Record (EHR) platform.

This position blends secure software engineering cloud systems architecture and regulatory compliance ensuring that all users integrations and systems can safely access and interact within CharmHealths ecosystem.

This engineer will own end to end development of authentication and authorization features such as Single Sign-On (SSO) Multi-Factor Authentication (MFA) federated identity and role-based access control (RBAC) while embedding best practices for data protection and compliance with healthcare standards like HIPAA NIST SOC 2 and ISO 27001 .

The role requires a strong foundation in Java and Python deep understanding of IAM protocols and a passion for building secure scalable distributed systems.

The engineer will collaborate closely with Product Engineering DevOps and Security teams to implement new features optimize performance and ensure platform stability across CharmHealths fast-growing health technology environment. CharmHealth works like a startup and this candidate will need to be okay with wearing multiple hats and learning on the fly as well as be adaptable.

Key Responsibilities

• Design implement and maintain secure authentication and authorization systems for CharmHealths cloud-based products.
• Develop and enhance IAM features including user management SSO MFA federated identity and access delegation .
• Collaborate with auditors and security teams to maintain compliance with HIPAA NIST SOC 2 and ISO 27001 frameworks.
• Build and manage RESTful APIs ensuring secure data exchange and integration with internal and third party applications.
• Contribute to system architecture and design discussions focusing on scalability performance and security.
• Write clean modular testable code following best practices and participate in peer code reviews.
• Diagnose and optimize performance issues across distributed environments (AWS MySQL Redis Tomcat).
• Partner with DevOps to embed identity and security best practices within deployment pipelines and cloud configurations.
• Stay current on IAM and cybersecurity trends continuously improving CharmHealths approach to authentication access control and data protection.
• Mentor junior engineers and serve as a technical resource for IAM-related challenges within the product organization.

Interview Stages : First a Phone Screen In person coding round In person or remote design / architectural round final behavioral round

MUST HAVE SKILLS

Strong Java development experience (primary language) and working proficiency in Python. Multiple languages is preferred.

Deep understanding of authentication and authorization frameworks including OAuth 2.0 SAML

Strong understanding of security standards and compliance frameworks relevant to healthcare (e.g. HIPAA NIST SOC 2 ISO 27001)

Knowledge of data security best practices including encryption secure key management and safe data sharing.

Proven ability to build and support secure full stack applications with authentication authorization and data protection components.

Experience integrating with or developing identity systems (e.g. Single Sign-On multi-factor authentication or role-based access).

Background in scalable software development from medium to large companies.

Strong coding ability adaptability and willingness to learn new systems and languages.

Excellent communication skills and comfort working in a collaborative feedback driven environment.

Able to think "outside the box" with a good attitude

Bachelors degree in Computer Science Software Engineering or a related field (Masters preferred)

Security related certifications (CISSP Security AWS Security Specialty etc.) are a plus

Willing and able to work on site three days a week (Pleasanton CA)

Benefits

1. Can you walk me through your experience with Identity and Access Management systems. Specifically any work youve done with SSO MFA or protocols like OAuth2 SAML or OpenID Connect

2. Which language do you use most day to-day Java or Python and can you describe a project where you built or optimized a secure backend service (Do not have to get too technical but client wants to know they have projects they can speak about).

3. Have you worked in any regulated environments like healthcare or finance where compliance (HIPAA SOC 2 ISO 27001 etc.) was important (Even if not healthcare candidates should show structured thinking about compliance and security standards)

4. What interests you about working on healthcare technology and are you comfortable working hybrid in Pleasanton three days a week

Required Skills :

Lead development - authorizations : SSO MFA federated identity RBACHIPAA NIST ISO 27001. This role will play a key role in designing building and maintaining the Identity and Access Management (IAM) systems that power CharmHealths cloud-based Electronic Health Record (EHR) platform. This position blends secure software engineering cloud systems architecture and regulatory compliance ensuring that all users integrations and systems can safely access and interact within CharmHealths ecosystem. This engineer will own end to end development of authentication and authorization features such as Single Sign-On (SSO) Multi-Factor Authentication (MFA) federated identity and role-based access control (RBAC) while embedding best practices for data protection and compliance with healthcare standards like HIPAA NIST SOC 2 and ISO 27001. The role requires a strong foundation in Java and Python deep understanding of IAM protocols and a passion for building secure scalable distributed systems. The engineer will collaborate closely with Product Engineering DevOps and Security teams to implement new features optimize performance and ensure platform stability across CharmHealths fast-growing health technology environment. CharmHealth works like a startup and this candidate will need to be okay with wearing multiple hats and learning on the fly as well as be adaptable. Location : Pleasanton CA (Hybrid : three days on-site) Reports To : Engineering Lead Product Engineering Key Responsibilities Design implement and maintain secure authentication and authorization systems for CharmHealths cloud-based products. Develop and enhance IAM features including user management SSO MFA federated identity and access delegation. Collaborate with auditors and security teams to maintain compliance with HIPAA NIST SOC 2 and ISO 27001 frameworks. Build and manage RESTful APIs ensuring secure data exchange and integration with internal and third party applications. Contribute to system architecture and design discussions focusing on scalability performance and security. Write clean modular testable code following best practices and participate in peer code reviews. Diagnose and optimize performance issues across distributed environments (AWS MySQL Redis Tomcat). Partner with DevOps to embed identity and security best practices within deployment pipelines and cloud configurations. Stay current on IAM and cybersecurity trends continuously improving CharmHealths approach to authentication access control and data protection. Mentor junior engineers and serve as a technical resource for IAM-related challenges within the product organization.

Required Education : Masters Preferred

Key Skills

Active Directory,Identity & Access Management,LDAP,SAFe,Assistive Technologies,Authentication,Pediatrics Experience,NVDA,Sailpoint,SSH,SSO,Oracle

Employment Type : Full Time

Experience : years

Vacancy : 1

Monthly Salary Salary : 150 - 180