Advanced Authentication Engineer - CIAM, Passkey

Our mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable.

How you can make a difference

At HealthEquity, we're on a mission to simplify and secure digital access. As we modernize our identity strategy, we are leveraging Transmit Security to deliver a frictionless, passwordless user experience across our applications. We're looking for an expert in passwordless solutions and modern authentication methods to lead this transformation. This role will work closely with engineering, IAM, and product teams to design and deploy secure, user-friendly authentication experiences that eliminate passwords and reduce account takeover risk. This critical role will be responsible for integrating Transmit Security's cutting-edge identity and fraud prevention solutions to enhance the security and user experience for our millions of customers. Beyond implementation, you will become the primary Subject Matter Expert (SME) for Transmit Security within HealthEquity, guiding its evolution and ensuring its optimal performance.

What you'll be doing

Lead Transmit Security Implementation: Drive the end-to-end implementation of Transmit Security across HealthEquity's member-facing and internal applications, serving millions of customers. This includes architectural design, integration strategy, configuration, and deployment within our Azure ecosystem.
• Architect and Integrate Solutions: Design and implement robust API integrations between Transmit Security and HealthEquity's existing systems, leveraging Azure API Management, Azure Functions, and .NET Core/C# to connect with core applications, CRM, data warehouses, and other critical platforms.
• Develop Secure Mobile & Web Integrations: Work closely with mobile and web development teams to integrate Transmit Security SDKs and APIs into ASP.NET Core applications and mobile solutions, ensuring secure and seamless authentication and user journeys across all customer touchpoints.
• Optimize Authentication & Fraud Prevention: Leverage Transmit Security's capabilities to implement advanced, risk-adaptive authentication policies, behavioral biometrics, and fraud detection mechanisms tailored to our customer base, integrating with existing Azure AD B2C or Azure AD solutions as appropriate.
• Transmit Security SME: Post-implementation, serve as the definitive Subject Matter Expert for Transmit Security, providing technical guidance, training, and support to engineering, security, product, and operations teams on its optimal use within a .NET/Azure framework.
• Drive Continuous Improvement: Proactively identify opportunities to optimize Transmit Security configurations, enhance security posture, improve user experience, and reduce fraud vectors, making full use of Azure monitoring and analytics tools.
• Collaborate Cross-Functionally: Partner closely with Security Operations, Product Management, Engineering, and Compliance teams to ensure Transmit Security aligns with business goals, security policies, and regulatory requirements, particularly in the context of Azure security best practices.
• Troubleshoot and Resolve: Provide advanced troubleshooting and incident response support related to Transmit Security, leveraging Azure diagnostic tools and .NET debugging skills, ensuring high availability and performance.
• Stay Current: Keep abreast of the latest developments in identity management, authentication technologies, fraud prevention, Transmit Security platform updates, and Microsoft Azure security services.

What you will need to be successful

• 10+ years of experience in Identity & Access Management (IAM), security engineering, or a related field, with at least 3+ years of direct, hands-on experience implementing and managing CIAM and passwordless solutions.

• Proven track record of successfully implementing complex IAM/security solutions for large-scale enterprise environments (millions of users), ideally in an Azure cloud environment.

• Deep expertise in CIAM platforms, including its authentication orchestration, fraud prevention capabilities, APIs, SDKs, and configuration best practices.

• Strong proficiency in API integration, custom development, and automation ideally in C# and .NET Core or related.

• Cloud experience with Microsoft Azure services preferred i.e. Azure Active Directory (Azure AD, Azure AD B2C), Azure API Management, Azure Functions, Azure Logic Apps, Azure App Service, Azure Key Vault, Azure Monitor/Application Insights

• In-depth understanding of authentication protocols (SAML, OAuth, OpenID Connect) and their practical application within an cloud context.

• Solid grasp of fraud detection methodologies, risk-based authentication, and adaptive security principles.

• Experience with mobile development (iOS/Android) and integrating SDKs into native and cross-platform applications (e.g., Xamarin, React Native for .NET developers) is desirable.

• Strong experience with CI/CD pipelines using Azure DevOps or similar tools.

• Bachelor's degree in Computer Science, Information Technology, or a related field; Master's degree preferred.

• Relevant security certifications (e.g., CISSP, CISM, GSEC) and Azure certifications (e.g., Azure Security Engineer Associate, Azure Solutions Architect Expert) are a significant plus.

#LI-Remote

This is a remote position.

The actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives as part of the total compensation package, in addition to a full range of benefits including:

• Medical, dental, and vision

• HSA contribution and match

• Dependent care FSA match

• Uncapped paid time off

• Paid parental leave

• 401(k) match

• Personal and healthcare financial literacy programs

• Ongoing education& tuition assistance

• Gym and fitness reimbursement

• Wellness program incentives

Why work with HealthEquity

HealthEquity has a vision that by2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more.

You belong at HealthEquity!

HealthEquity, Inc. is an equal opportunity employer, and we are committed to being an employer where no matter your background or identity - you feel welcome and included. We ensure equal opportunity for all applicants and employees without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity's applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our Careers page.

HealthEquity uses Microsoft Copilot to transcribe screening interviews between candidates and their direct Talent Partner for note taking and interview summaries. By scheduling a screening interview with us, you consent to Microsoft Copilot's AI technology recording and transcribing your interview with your Talent Partner. This information will be reviewed for accuracy and then used by HealthEquity to summarize the interview, ensure accuracy, and facilitate our hiring process. We take privacy seriously. You have the option to opt out. If you wish to opt out of this Microsoft Copilot transcription, please notify your Talent Partner in advance of the interview. If we do not receive an opt-out request from you, we will assume that you consent to the use of Microsoft Copilot.

HealthEquity is committed to your privacy as an applicant for employment. For information on our privacy policies and practices, please visit HealthEquity Privacy.