Lead Software Engineer - Remote

Optum Tech is a global leader in health care innovation. Our teams develop cutting-edge solutions that help people live healthier lives and help make the health system work better for everyone. From advanced data analytics and AI to cybersecurity, we use innovative approaches to solve some of health care's most complex challenges. Your contributions here have the potential to change lives. Ready to build the next breakthrough? Join us to start Caring. Connecting. Growing together.
Aikyam is the most advanced "Identity as a Service" Platform within United Health Group that is aimed to provide a central and universal user identity for identifying and authenticating a user in the healthcare domain. It is built upon open standards like OAuth 2.0, OpenID Connect, SAML 2.0 Web SSO etc. It is a highly available, reliable and scalable service hosted in public cloud. We enjoy the trust of large customers in healthcare industry and government services with operations across United States of America.
You'll enjoy the flexibility to work remotely * from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.
Primary Responsibilities:

• Define architecture and design patterns to ensure consistent, scalable, and efficient implementation of Identity Platform solutions
• Provide technical vision and engineering leadership for identity management across multiple platforms and ecosystems
• Ensure all solutions comply with enterprise IT principles, security standards, and healthcare regulations (HIPAA, TEFCA, CMS Interoperability)
• Lead intake scoping, solution concept development, and initial cost estimation, including logical-level system architecture definition
• Create end-to-end architecture blueprints, covering integration of applications, systems, platforms, and technical infrastructure
• Collaborate with solution engineering, development teams, partners, and vendors to maintain a coherent and consistent approach to design, implementation, and integration
• Provide hands-on technical guidance, including reference implementations, reusable design patterns, and best-practice guidelines
• Integrate AI and ML capabilities into identity workflows for adaptive authentication, fraud detection, and risk-based access control
• Design and implement AI-driven security analytics to detect anomalies, predict threats, and automate incident response in large-scale environments
• Develop machine learning models for identity proofing, behavioral risk scoring, and continuous authentication
• Architect data-driven security monitoring systems leveraging AI for real-time threat hunting, predictive analytics, and automated remediation
• Research and adopt proactive AI-based security strategies, such as anomaly detection, threat modeling, and autonomous policy enforcement
• Enable Agentic Identity frameworks, allowing AI agents to act under controlled, auditable delegated identities for secure automation
• Incorporate conversational AI and NLU into identity platforms for guided user experiences, troubleshooting, and self-service authentication flows
• Establish AI governance and compliance controls, ensuring transparency, explainability, and bias mitigation in identity-related AI models

You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.
Required Qualifications:

• 8+ years of hands-on technical experience in implementing secure enterprise applications using cloud technologies
• 6+ years of relevant experience in Identity & Access Management and Information Security
• 6+ years of experience with identity protocols (OAuth2, OIDC, SAML) and integrating AI into these flows
• 6+ years of experience with Identity federation, Single Sign-On, RBAC, ABAC, MFA, RBA
• 6+ years of experience in Threat, Vulnerability & Risk management, Infrastructure security
• Hands-on working experience with SailPoint, ForgeRock, Ping, Okta, OneLogin, Azure AD or similar IAM products
• Knowledge of security data platforms (Splunk, ELK) and applying AI for log analysis
• Familiarity with ML frameworks (TensorFlow, PyTorch) and AI services (Azure AI, AWS SageMaker)

Preferred Qualifications:

• Hands-on experience with security management of virtual machines, containers, and applications
• Demonstrable experience in Site Reliability Engineering and DDoS mitigation techniques
• Knowledge of SANS Top 20 Critical Security Controls and OWASP Top 10 vulnerabilities
• Working knowledge of Scripting languages (Python and PowerShell)
• Solid working knowledge of Web Application Firewalls, HTTP(s), TCP/UDP, SSL/TLS, Forward and reverse proxies, Load balancers
• Solid understanding and development experience on Java, SpringBoot, RESTful Web Services and Microservices
• Good understanding of the web application architectures, TCP/IP networking, cloud computing and data integrity and confidentiality including cryptographic techniques
• Exposure to graph-based identity risk models and anomaly detection algorithms
• Proven solid communication skills and presentation skills, leadership skills, problem solving and analytical skills

*All employees working remotely will be required to adhere to UnitedHealth Group's Telecommuter Policy
Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $112,700 to $193,200 annually based on full-time employment. We comply with all minimum wage laws as applicable.
Application Deadline: This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected. Job posting may come down early due to volume of applicants.
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.
UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.
UnitedHealth Group is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.