Senior IAM Security Engineer

Join the Team Modernizing Medicine At ModMed, we’re not just building software—we’re reimagining the healthcare experience. Founded in 2010 by a practicing physician and a successful tech entrepreneur, we took a radically different approach: we hired doctors and taught them how to code. This "for doctors, by doctors" philosophy has allowed us to create an AI-enabled, specialty-specific cloud platform that places patients at the center of care. A Culture of Excellence When you join ModMed, you’re joining an award-winning team recognized for innovation and employee satisfaction. From our global headquarters in Boca Raton Florida, and extensive employee base in Hyderabad India, we are a team of 4,500+ passionate problem-solvers on a mission to increase medical practice success and improve patient outcomes:

• Consistently ranked as a Top Place to Work
• 2025 Globee Business Awards: Gold Globee for “Technology Team of the Year”
• 2025 Black Book Awards: Ranked #1 EHR in 11 Specialties
• Florida Venture Forum: Venture-Backed Company of the Year

We are growing fast, thinking big, and we are just getting started. Ready to modernize medicine with us?

Job Description

Summary: The Senior IAM Engineer is responsible for implementing and maintaining secure identity and access controls across ModMed’s cloud and enterprise environments. This includes designing and automating role-based access controls (RBAC) and attribute-based access controls (ABAC), managing privileged access through just-in-time solutions, integrating SSO with AWS workloads, and performing ongoing access audits. The role partners with CloudOps, IT, and GRC to ensure compliance with SOC 2, HIPAA, and internal IAM standards. What you'll do:

• Design, implement, and maintain AWS and SSO IAM policies, roles, and groups following least privilege
• Operationalize PAM Solution for privileged access management (PAM) and identity governance
• Conduct periodic access reviews, role audits, and entitlement reporting
• Integrate IAM with CI/CD and engineering workflows for automated account provisioning
• Support incident response related to identity misuse or compromised credentials
• Makes day-to-day technical and operational decisions impacting access control, audit readiness, and identity posture
• Recommends strategic IAM and PAM improvements to the Security Architect and Director of Security Engineering with minimal supervision

​What you'll bring:

• Bachelor’s in Computer Science, CompSci, InfoSec, or related field
• 5+ years hands-on IAM or cloud security engineering experience
• Experience integrating IAM with CI/CD and DevOps pipelines preferred
• Proficiency with AWS IAM, SSO, PAM Solution, scripting (Python/Bash), Terraform, least privilege enforcement, audit reporting, and troubleshooting federated identity issues, Zero Trust security principles
• Experience integrating IAM with CI/CD and DevOps pipelines preferred
• Understanding and implementation experience with modern identity federation protocols, including SAML 2.0, OpenID Connect (OIDC), and OAuth 2.0;
• Hands-on experience with directory services (SSO)
• Proficiency in identity lifecycle management and automated provisioning/de-provisioning using the SCIM (System for Cross-domain Identity Management) protocol
• Proven track record of integrating enterprise applications with a central Single Sign-On (SSO) solution; hands-on experience with AWS IAM
• AWS Certified Security - Specialty or CCSP (Certified Cloud Security Professional) CIDPRO SSO Professional Certification is a plus​

ModMed Benefits Highlight: At ModMed, we believe it’s important to offer a competitive benefits package designed to meet the diverse needs of our growing workforce. Eligible Modernizers can enroll in a wide range of benefits: United States

• Comprehensive medical, dental, and vision benefits, including a company Health Savings Account contribution,
• 401(k): ModMed provides a matching contribution each payday of 50% of your contribution deferred on up to 6% of your compensation. After one year of employment with ModMed, 100% of any matching contribution you receive is yours to keep.
• Generous Paid Time Off and Paid Parental Leave programs,
• Company paid Life and Disability benefits, Flexible Spending Account, and Employee Assistance Programs,
• Company-sponsored Business Resource & Special Interest Groups that provide engaged and supportive communities within ModMed,
• Professional development opportunities, including tuition reimbursement programs and unlimited access to LinkedIn Learning,
• Global presence and in-person collaboration opportunities; dog-friendly HQ (US), Hybrid office-based roles and remote availability for some roles,
• Weekly catered breakfast and lunch, treadmill workstations, Zen, and wellness rooms within our BRIC headquarters.

PHISHING SCAM WARNING: ModMed is among several companies recently made aware of a phishing scam involving imposters posing as hiring managers recruiting via email, text and social media. The imposters are creating misleading email accounts, conducting remote "interviews," and making fake job offers in order to collect personal and financial information from unsuspecting individuals. Please be aware that no job offers will be made from ModMed without a formal interview process, and valid communications from our hiring team will come from our employees with a ModMed email address ([email protected]). Please check senders’ email addresses carefully. Additionally, ModMed will not ask you to purchase equipment or supplies as part of your onboarding process. If you are receiving communications as described above, please report them to the FTC website. Apply tot his job Apply To this Job