Lead Identity Solutions Architect - IAM

McKesson   •  

Houston, TX

Industry: Healthcare


5 - 7 years

Posted 33 days ago

  by    Yari Quintana

Current Need

  • We are seeking a Lead Identity Solutions Architect to join our Global Identity Architecture team to help deliver on our mission of providing superior identity services to our customers, providers, partners, and employees.

Position Description

  • As the Lead Identity Solution Architect, you will be part of a team that shapes the vision and strategy for Global Identity at McKesson. Successful candidates will have extensive experience in Customer or Enterprise Identity and Access Management and a proven ability to influence and drive change.

Responsibilities include:

  • Provides technical guidance to drive and shape the Global Identity Services architecture
  • Assists in the development of strategic roadmaps, technical blueprints, standards and reference architectures in support of the Global Identity Services program
  • Consults with business stakeholders and other architects to understand core business processes and business priorities and provides recommendations on IAM (Identity and Access Management) solutions
  • Assists with technical evaluations of IAM products including proof of concepts to determine business value of candidate solutions
  • Collaborates cross-functionally with other technology teams and Information Security and Risk Organization
  • Participates in Request for Proposal (RFP) and vendor selection process in the IAM space
  • Keeps abreast of industry trends and informs the team of evolving IAM standards and landscape
  • Mentors other members of the team on IAM best practices
  • Drives Request for Proposal (RFP) and vendor selection process in the IAM space


Minimum Requirements:

  • 6+ year experience in administering security controls in an organization
  • 4+ years' experience in developing technical architectures with minimum of 3 years focused on IAM architecture

Critical Skills

  • Strong understanding of the end-to-end Identity lifecycle management
  • Hands on experience with authentication and authorization protocols such as OIDC, SAML, OAuth2, FIDO, U2F, WebAuthn, SCIM, XACML, LDAP, RADIUS, Kerberos
  • Experience in architecting robust, scalable, and secure solutions that meet customer's IAM needs
  • Experience with Multi-factor authentication capabilities including token-based, biometrics, certificates, and adaptive authentication
  • Experience with IDaaS providers such as Okta, Azure AD, Ping Identity, or Google Cloud Identity

Additional Knowledge & Skills:

  • Experience with Privileged access management (PAM) architectures and capabilities (least privileged, session management, vaulting, and endpoint privileged management). Experience with CyberArk or Azure PIM a plus
  • Experience with cloud architectures particularly Azure and GCP native IAM controls
  • Experience with Identity Governance processes and solutions such as Sailpoint or Saviynt a plus
  • Experience with User Behavior Analytics
  • Experience with WorkDay, SAP, or SalesForce
  • Experience with O365, Active Directory and ADFS
  • Experience with MDM capabilities such as InTune, Jamf, or Airwatch
  • Experience with API Gateway and microservices architectures
  • Knowledge of Applied Cryptography and PKI
  • Experience with Python, PowerShell, Java, Java Script, JSON, REST, Scripting, HTML
  • Understanding of trends and regulations to ensure effectiveness and compliance with all regulations and frameworks (NIST, HIPPA-HITECH, HITRUST, PCI, GDPR)
  • Excellent written and verbal communication and organizational skills
  • Strong interpersonal and communications skills to build/ maintain ongoing business relationships


4-year degree in computer science or related field or equivalent experience


  • CISSP or SANS GIAC a plus
  • OKTA – Professional or Consultant a plus


McKesson is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history. McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities.