Senior Customer IAM Engineer

Lyric is an AI-first, platform-based healthcare technology company, committed to simplifying the business of care by preventing inaccurate payments and reducing overall waste in the healthcare ecosystem, enabling more efficient use of resources to reduce the cost of care for payers, providers, and patients. Lyric, formerly ClaimsXten, is a market leader with 35 years of pre-pay editing expertise, dedicated teams, and top technology. Lyric is proud to be recognized as 2025 Best in KLAS for Pre-Payment Accuracy and Integrity and is HI-TRUST and SOC2 certified. Interested in shaping the future of healthcare with AI? Explore opportunities at lyric.ai/careers and drive innovation with #YouToThePowerOfAI.

Applicants must already be legally authorized to work in the U.S.  Visa sponsorship/sponsorship assumption and other immigration support are not available for this position.

We are seeking an experienced Senior Customer Identity and Access Management (CIAM) Engineer to design, architect, and implement enterprise-grade CIAM solutions. The role requires deep expertise in identity protocols, CIAM platforms, and secure enterprise integrations. You will collaborate with cross-functional teams to deliver scalable, secure, and user-friendly identity experiences.

• Architect, design, and implement CIAM solutions across web, mobile, and digital platforms.

• Integrate and manage CIAM platforms such as Okta, Auth0, Microsoft Entra ID, Ping, ForgeRock, and Transmit Security.

• Develop secure integrations with enterprise systems (CRM, SSO, directories, APIs).

• Implement advanced authentication methods including MFA, biometrics, adaptive authentication, and risk-based access.

• Lead end-to-end CIAM project lifecycles including requirements, design, development, testing, and deployment.

• Provide technical leadership, mentoring, and knowledge sharing across the team.

• Ensure compliance with regulatory frameworks (GDPR, CCPA, SOX, PCI).

• Research and adopt emerging CIAM technologies, protocols, and security frameworks..

Required Qualifications

• Bachelor’s or Master’s degree in Computer Science, Software Engineering, Cybersecurity, or at least 10 years relevant experience.

• 8+ years of experience in identity and access management, with at least 5 years in CIAM engineering.

• 3 + years with SAML, OAuth 2.0/2.1, OpenID Connect, and JWT.

• 3 + years with Java, Spring Boot, JavaScript, SQL, and enterprise application development.

• 5 + years with CIAM providers (Okta, Auth0, Microsoft Entra ID, Ping, ForgeRock, Transmit Security).

• 5 + years in cloud-native identity services (AWS IAM, Azure AD, Google Cloud Identity).

• 3 + years working with or adjacent to engineers in DevOps practices, CI/CD pipelines, containerization (Docker, Kubernetes), and microservices.

Preferred Qualifications

• Experience with Liferay Portal and custom identity-related development.

• Hands-on experience in enterprise-scale digital transformation programs.

• Proficiency with Git, GitLab, or similar version control and collaboration tools.

• Knowledge of scalable architecture design and cloud deployment patterns.

• Experience with fraud detection, risk engines, and behavioral analytics is a plus.

• Relevant certifications such as CISSP, Okta Professional/Consultant, Microsoft Identity, or cloud certifications.

***The US base salary range for this full-time position is:

The specific salary offered to a candidate may be influenced by a variety of factors including but not limited to the candidate’s relevant experience, education, and work location. Please note that the compensation details listed in US role postings reflect the base salary only, and does not reflect the value of the total rewards compensation. ***

Lyric is an Equal Opportunity Employer that strives to create an inclusive environment, empower employees and embrace collaborative success.