Blue Shield Of California

Sr. Manager, Identity Platform Engineering

Blue Shield Of California$130K — $160K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering, or equivalent.
  • Minimum of 8 years experience in enterprise Identity and Access Management solutions.
  • 4 years of experience in people management and team leadership.
  • Strong knowledge of IAM concepts like Identity Lifecycle Management and Privileged Access Management.
  • Deep understanding of access control models, including Role-Based Access Control.

Responsibilities

  • Design and enhance enterprise Identity and Access Management capabilities across various environments.
  • Lead modernization efforts in Identity Lifecycle Management and access governance.
  • Contribute to IAM architecture and platform roadmaps to align with technology strategies.
  • Deliver IAM as an API-driven platform facilitating secure application onboarding and automation.
  • Develop identity services using Infrastructure as Code and CI/CD practices.
  • Partner with teams to integrate identity capabilities into modern software delivery pipelines.
  • Define access patterns for AI-enabled systems and support governance and compliance.

Benefits

  • Flexible hybrid work model, balancing in-office and remote work.
  • Opportunities for professional growth and development within the company.
  • Collaborative work environment fostering team partnerships.
  • Focus on cutting-edge technology in identity and access management.
  • Exposure to innovative practices in automation and AI integration.
Full Job Description
Job Description

Your Role

The Identity and Access Management team is responsible for designing, engineering, and operating enterprise identity services that enable secure, scalable, and seamless access across Stellarus' technology ecosystem. The team drives Identity Lifecycle Management, Identity Governance, Privileged Access Management, authentication, authorization, automation, and Zero Trust capabilities while partnering across the enterprise to support digital transformation, regulatory compliance, secure software delivery, and responsible AI adoption.

The Senior Manager, Identity Platform Engineering will report to the Sr. Director, Identity & Access Management. In this role, you will help shape the future of Stellarus' identity platform by engineering secure, automated, and scalable IAM capabilities that support hybrid cloud, SaaS, on-premises, application, privileged, service, machine, and AI-enabled access patterns.

You will partner with teams to integrate identity into modern software delivery practices, accelerate automation through DevOps and AI, and deliver programmatic identity services that can be consumed by development teams through self-service, least-privileged, time-bound, and policy-governed patterns.

Responsibilities

Your Work

In this role, you will:
  • Design, implement, and continuously improve enterprise Identity and Access Management capabilities across hybrid cloud, SaaS, on-premises, application, privileged, service, machine, and AI-enabled access patterns.
  • Lead the engineering, automation, and modernization of Identity Lifecycle Management, Identity Governance, Privileged Access Management, authentication, authorization, federation, and access governance capabilities.
  • Contribute to enterprise IAM architecture, engineering standards, platform roadmaps, service reliability practices, operational metrics, risk reduction plans, and measurable outcomes that support Stellarus' technology strategy.
  • Deliver IAM as a reusable, API-driven, developer-consumable platform that enables secure self-service application onboarding, entitlement workflows, access request automation, standardized integration patterns, reference architectures, and developer documentation.
  • Develop and maintain scalable identity services using Infrastructure as Code, configuration-as-code, DevOps practices, CI/CD pipelines, APIs, workflow orchestration, automated testing, policy validation, and automation frameworks to accelerate delivery and improve reliability.
  • Partner with teams to embed identity into enterprise platforms, cloud environments, software delivery pipelines, AI-enabled workflows, and modern application architectures.
  • Design and implement Role-Based Access Control, Attribute-Based Access Control, policy-based access control, Just-in-Time, just-enough, time-bound, ephemeral, and Least Privilege access models that reduce standing privilege while simplifying access administration.
  • Advance privileged access modernization and access governance through automated approval workflows, time-bound elevation, break-glass controls, credential rotation, session monitoring, access expiration, entitlement management, access certification, analytics, and risk-based privilege management.
  • Engineer integrations across identity governance, access management, privileged access, directory, cloud, HR, data, AI, and enterprise application platforms to support automated provisioning, deprovisioning, authentication, authorization, federation, policy enforcement, and machine-to-machine access.
  • Define secure identity and access patterns for AI-enabled systems, including AI agents, copilots, intelligent automation, autonomous workflows, machine identities, data access workflows, and applications requiring controlled access to enterprise or healthcare data.
  • Leverage AI, machine learning, and intelligent automation to improve identity operations, entitlement analysis, access reviews, anomaly detection, governance, audit readiness, operational insights, developer support, engineering productivity, and compliance with HIPAA, SOX, HITRUST, NIST, audit requirements, and Zero Trust principles.


Qualifications

Your Knowledge and Experience
  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering, or equivalent combination of education and experience.
  • A minimum of 8 years of experience designing, implementing, and supporting enterprise Identity and Access Management solutions.
  • 4 years of prior people management experience with direct responsibility for supervising, coaching, and evaluating direct reports
  • Experience leading IAM, security engineering, platform engineering, cloud, infrastructure, or related technical teams.
  • Strong understanding of Identity Lifecycle Management, Joiner/Mover/Leaver processes, Identity Governance, and Privileged Access Management within complex hybrid cloud, SaaS, and on-premises environments.
  • Deep understanding of Role-Based Access Control, Attribute-Based Access Control, policy-based access control, Just-in-Time, just-enough, time-bound, and Least Privilege security models.
  • Strong knowledge of authentication and authorization frameworks, including Single Sign-On, Multi-Factor Authentication, SAML, OAuth 2.0, OpenID Connect, SCIM, and modern identity federation technologies across enterprise and consumer ecosystems.
  • Experience implementing and supporting enterprise identity governance, access management, directory, privileged access, cloud identity, HR, and application integration platforms.
  • Experience delivering identity as a platform capability, including self-service, API-driven, and developer-consumable IAM services for application, cloud, platform, and security engineering teams.
  • Experience developing automation using scripting languages, REST APIs, workflow automation, or similar programming approaches.
  • Experience implementing DevOps or platform engineering practices, including CI/CD, Infrastructure as Code, configuration-as-code, policy-as-code, automated testing, automated deployment, observability, and operational reliability.
  • Strong understanding of cloud identity and access patterns, including workload identity, service identities, managed identities, secrets management, key management, privileged access controls, and machine-to-machine access.
  • Experience integrating IAM capabilities into enterprise applications, cloud services, SaaS platforms, infrastructure platforms, and modern software development lifecycles.
  • Experience applying identity controls to AI-enabled systems, including AI agents, copilots, intelligent automation, machine identities, data access workflows, human-in-the-loop approvals, audit logging, and least-privilege access to sensitive enterprise data.
  • Experience leveraging AI-assisted development, intelligent automation, or machine learning technologies to improve operational efficiency, accelerate identity engineering, enhance access governance, or improve risk detection.


Hybrid

This role requires employees to be in-office based on our hybrid workplace model, balancing purposeful in-person collaboration with flexibility. For most teams, this means coming into the office two days each week.

Employees living more than 50 miles from an office location will work with their manager to determine in-office time based on business need.

Physical Requirements:

Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.

Please click here for further physical requirement detail.

About Blue Shield Of California

Blue Shield of California is a not-for-profit health plan provider that has been providing Californians with access to high-quality healthcare for over 80 years. The company offers a range of health insurance products and services to individuals, families, and employers. Blue Shield of California is committed to improving the health and wellbeing of its members and the communities it serves. The company is also committed to sustainability and has implemented a number of initiatives to reduce its environmental impact.
Learn more about Blue Shield Of California
Size
7,000 employees
Industry
Founded
1981

Similar Jobs

More Jobs at Blue Shield Of California

More Information Technology Jobs

Find similar Sr. Manager, Identity Platform Engineering jobs: