Blue Shield Of California

Sr. Manager, Identity Platform Engineering

Blue Shield Of California$130K — $160K *
Enterprise Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering, or equivalent experience.
  • Minimum of 8 years in designing, implementing, and supporting enterprise Identity and Access Management solutions.
  • 4 years of people management experience with direct responsibility.
  • Experience in leading IAM, security engineering, or related technical teams.
  • Strong understanding of Identity Lifecycle Management and Privileged Access Management in hybrid environments.
  • Deep knowledge of various access control models, including Role-Based and Attribute-Based Access Control.
  • Familiarity with authentication frameworks like SAML and OAuth 2.0.

Responsibilities

  • Design and improve enterprise Identity and Access Management capabilities across varied access patterns.
  • Lead the automation and modernization of Identity Lifecycle Management and governance features.
  • Contribute to IAM architecture and operational metrics aligned with the technology strategy.
  • Deliver a self-service, secure identity platform for developers.
  • Utilize Infrastructure as Code and CI/CD practices to enhance identity service delivery.
  • Collaborate to embed identity features into modern software delivery pipelines.
  • Define secure access patterns for AI systems, ensuring appropriate controls and governance.

Benefits

  • Hybrid work model with flexibility for in-office collaboration.
  • Opportunity to lead cutting-edge identity technology initiatives.
  • Professional development and career advancement opportunities.
  • Access to the latest tools and technologies in IAM.
  • Engagement in projects supporting digital transformation and responsible AI adoption.
Full Job Description
Job Description

Your Role

The Identity and Access Management team is responsible for designing, engineering, and operating enterprise identity services that enable secure, scalable, and seamless access across Stellarus' technology ecosystem. The team drives Identity Lifecycle Management, Identity Governance, Privileged Access Management, authentication, authorization, automation, and Zero Trust capabilities while partnering across the enterprise to support digital transformation, regulatory compliance, secure software delivery, and responsible AI adoption.

The Senior Manager, Identity Platform Engineering will report to the Sr. Director, Identity & Access Management. In this role, you will help shape the future of Stellarus' identity platform by engineering secure, automated, and scalable IAM capabilities that support hybrid cloud, SaaS, on-premises, application, privileged, service, machine, and AI-enabled access patterns.

You will partner with teams to integrate identity into modern software delivery practices, accelerate automation through DevOps and AI, and deliver programmatic identity services that can be consumed by development teams through self-service, least-privileged, time-bound, and policy-governed patterns.

Responsibilities

Your Work

In this role, you will:
  • Design, implement, and continuously improve enterprise Identity and Access Management capabilities across hybrid cloud, SaaS, on-premises, application, privileged, service, machine, and AI-enabled access patterns.
  • Lead the engineering, automation, and modernization of Identity Lifecycle Management, Identity Governance, Privileged Access Management, authentication, authorization, federation, and access governance capabilities.
  • Contribute to enterprise IAM architecture, engineering standards, platform roadmaps, service reliability practices, operational metrics, risk reduction plans, and measurable outcomes that support Stellarus' technology strategy.
  • Deliver IAM as a reusable, API-driven, developer-consumable platform that enables secure self-service application onboarding, entitlement workflows, access request automation, standardized integration patterns, reference architectures, and developer documentation.
  • Develop and maintain scalable identity services using Infrastructure as Code, configuration-as-code, DevOps practices, CI/CD pipelines, APIs, workflow orchestration, automated testing, policy validation, and automation frameworks to accelerate delivery and improve reliability.
  • Partner with teams to embed identity into enterprise platforms, cloud environments, software delivery pipelines, AI-enabled workflows, and modern application architectures.
  • Design and implement Role-Based Access Control, Attribute-Based Access Control, policy-based access control, Just-in-Time, just-enough, time-bound, ephemeral, and Least Privilege access models that reduce standing privilege while simplifying access administration.
  • Advance privileged access modernization and access governance through automated approval workflows, time-bound elevation, break-glass controls, credential rotation, session monitoring, access expiration, entitlement management, access certification, analytics, and risk-based privilege management.
  • Engineer integrations across identity governance, access management, privileged access, directory, cloud, HR, data, AI, and enterprise application platforms to support automated provisioning, deprovisioning, authentication, authorization, federation, policy enforcement, and machine-to-machine access.
  • Define secure identity and access patterns for AI-enabled systems, including AI agents, copilots, intelligent automation, autonomous workflows, machine identities, data access workflows, and applications requiring controlled access to enterprise or healthcare data.
  • Leverage AI, machine learning, and intelligent automation to improve identity operations, entitlement analysis, access reviews, anomaly detection, governance, audit readiness, operational insights, developer support, engineering productivity, and compliance with HIPAA, SOX, HITRUST, NIST, audit requirements, and Zero Trust principles.


Qualifications

Your Knowledge and Experience
  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering, or equivalent combination of education and experience.
  • A minimum of 8 years of experience designing, implementing, and supporting enterprise Identity and Access Management solutions.
  • 4 years of prior people management experience with direct responsibility for supervising, coaching, and evaluating direct reports
  • Experience leading IAM, security engineering, platform engineering, cloud, infrastructure, or related technical teams.
  • Strong understanding of Identity Lifecycle Management, Joiner/Mover/Leaver processes, Identity Governance, and Privileged Access Management within complex hybrid cloud, SaaS, and on-premises environments.
  • Deep understanding of Role-Based Access Control, Attribute-Based Access Control, policy-based access control, Just-in-Time, just-enough, time-bound, and Least Privilege security models.
  • Strong knowledge of authentication and authorization frameworks, including Single Sign-On, Multi-Factor Authentication, SAML, OAuth 2.0, OpenID Connect, SCIM, and modern identity federation technologies across enterprise and consumer ecosystems.
  • Experience implementing and supporting enterprise identity governance, access management, directory, privileged access, cloud identity, HR, and application integration platforms.
  • Experience delivering identity as a platform capability, including self-service, API-driven, and developer-consumable IAM services for application, cloud, platform, and security engineering teams.
  • Experience developing automation using scripting languages, REST APIs, workflow automation, or similar programming approaches.
  • Experience implementing DevOps or platform engineering practices, including CI/CD, Infrastructure as Code, configuration-as-code, policy-as-code, automated testing, automated deployment, observability, and operational reliability.
  • Strong understanding of cloud identity and access patterns, including workload identity, service identities, managed identities, secrets management, key management, privileged access controls, and machine-to-machine access.
  • Experience integrating IAM capabilities into enterprise applications, cloud services, SaaS platforms, infrastructure platforms, and modern software development lifecycles.
  • Experience applying identity controls to AI-enabled systems, including AI agents, copilots, intelligent automation, machine identities, data access workflows, human-in-the-loop approvals, audit logging, and least-privilege access to sensitive enterprise data.
  • Experience leveraging AI-assisted development, intelligent automation, or machine learning technologies to improve operational efficiency, accelerate identity engineering, enhance access governance, or improve risk detection.


Hybrid

This role requires employees to be in-office based on our hybrid workplace model, balancing purposeful in-person collaboration with flexibility. For most teams, this means coming into the office two days each week.

Employees living more than 50 miles from an office location will work with their manager to determine in-office time based on business need.

About Blue Shield Of California

Blue Shield of California is a not-for-profit health plan provider that has been providing Californians with access to high-quality healthcare for over 80 years. The company offers a range of health insurance products and services to individuals, families, and employers. Blue Shield of California is committed to improving the health and wellbeing of its members and the communities it serves. The company is also committed to sustainability and has implemented a number of initiatives to reduce its environmental impact.
Learn more about Blue Shield Of California
Size
7,000 employees
Industry
Founded
1981

Similar Jobs

More Jobs at Blue Shield Of California

More Enterprise Technology Jobs

Find similar Sr. Manager, Identity Platform Engineering jobs: