
Senior Identity Engineer
SmithRx
Posted about 16 hours ago
Who We Are:
SmithRx is a rapidly growing, venture-backed Health-Tech company. Our mission is to disrupt the expensive and inefficient Pharmacy Benefit Management (PBM) sector by building a next-generation drug acquisition platform driven by cutting edge technology, innovative cost saving tools, and best-in-class customer service. With hundreds of thousands of members onboarded since 2016, SmithRx has a solution that is resonating with clients all across the country.
We pride ourselves for our mission-driven and collaborative culture that inspires our employees to do their best work. We believe that the U.S healthcare system is in need of transformation, and we come to work each day dedicated to making that change a reality. At our core, we are guided by our company values:
- Integrity: Our purpose guides our actions and gives us confidence in the path ahead. With unwavering honesty and dependability, we embrace the pressure of challenging the old and exemplify ethical leadership to create the new.
- Courage: We face continuous challenges with grit and resilience. We embrace the discomfort of the unknown by balancing autonomy with empathy, and ownership with vulnerability. We boldly challenge the status quo to keep moving forward—always.
- Together: The success of SmithRx reflects the strength of our partnerships and the commitment of our team. Our shared values bind us together and make us one. When one falls, we all fall; when one rises, we all rise.
Job Summary:
SmithRx Mission: SmithRx is on a mission to disrupt the expensive and inefficient Pharmacy Benefit Management (PBM) sector by building a next-generation drug acquisition platform driven by cutting-edge technology. We are seeking a highly specialized and visionary Identity Engineer to architect, build, and govern the unified identity ecosystems that secure our human workforce, cloud infrastructure, and autonomous AI agents.
The Role Environment: The ideal candidate resides within a commutable distance of our Lehi, UT office and is available to work on-site Monday through Friday. As an Identity Engineer, you will serve as the technical cornerstone of the Identity & Access pod. You will lead strategic initiatives to modernize our identity stack, moving beyond traditional IAM to pioneer Non-Human Identity (NHI) and AI agent governance in a strictly regulated healthcare environment (HIPAA).
Success Profile: We are looking for an Okta expert who understands policy-based cloud authorization and loves designing secure, 'paved road' identity solutions that empower developers rather than slowing them down.
What you will do:
- Core IAM & Lifecycle Automation: Architect and manage HR-driven provisioning by integrating Okta with Workday (Workday-as-a-Master) to automate complex attribute mapping and secure JML (Joiner/Mover/Leaver) lifecycles.
- SaaS Ecosystem Security: Engineer and deploy robust SSO (SAML 2.0, OIDC, OAuth 2.0) and SCIM provisioning for major enterprise applications, particularly Salesforce and Google Workspace.
- Cloud Identity Architecture: Design least-privilege policies and manage AWS Identity Security, including cross-account role assumption, identity federation via Okta, and AWS SSO (Identity Center).
- Policy-Based Access Control (PBAC): Implement decoupled authorization for cloud-native applications utilizing Open Policy Agent (OPA) and authoring strict access policies in Rego.
- AI Agent Governance: Secure autonomous AI workflows by assigning distinct identities to AI models, governing their API access, and applying strict sandboxing to prevent unauthorized data retrieval.
- Machine Identity Management: Own the lifecycle for traditional non-human identities (service accounts, OAuth tokens, API keys, X.509 certificates) to actively prevent secret sprawl across our cloud environment.
- Contextual Access & Device Trust: Implement zero-trust device posture checks by integrating MDM telemetry and device certificates with Okta to enforce contextual, frictionless access for a mixed fleet of macOS and Windows endpoints.
- Engineering Culture & Leadership: Mentor junior engineers, conduct rigorous architecture reviews, write clear documentation/runbooks, and elevate the overall identity security maturity of the team.
What you will bring to SmithRx:
- Experience: 5+ years of hands-on experience engineering, deploying, and managing enterprise IAM environments with deep Okta expertise.
- Cloud Proficiency: Strong hands-on background in AWS IAM, OPA, Rego, and designing zero-trust cloud architectures.
- NHI & Automation Expertise: Proven track record discovering, managing, and rotating machine identities, combined with a forward-looking approach to securing programmatic AI workflows.
- Platform Integration Skills: Advanced experience integrating core HRIS platforms (Workday) with Identity Providers, alongside managing complex fleet authentication (macOS/Windows).
- Regulated Environment Acumen: Solid understanding of access control principles required in highly regulated sectors (e.g., PBM, Healthcare, HIPAA, Privacy), including continuous access reviews and audit logging capabilities.
- Operational Excellence: A demonstrated passion for maintaining detailed documentation and translating complex identity concepts into scalable, automated solutions.
Nice to Have:
- Certifications: Okta, AWS or SANS relevant Identity certifications.
- Advanced Compliance: Deep experience mapping identity controls directly to ISO, SOC2, HITRUST, and specific privacy regulation frameworks.
What SmithRx Offers You:
- Highly competitive wellness benefits including Medical, Pharmacy, Dental, Vision, and Life Insurance and AD&D Insurance
- Flexible Spending Benefits
- 401(k) Retirement Savings Program
- Short-term and long-term disability
Job details
Jobr Assistant extension
Get the extension →