Senior Software Engineer, Identity and Access Management
Company: athenahealth
Location: Boston, MA
Salary: $119,000 - $203,000 a year
Type: Full-time
Posted: 2026-04-27
About this role
Join us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
Position Summary
Join athenahealth as a Senior Software Engineer, based in Boston, MA, working in a hybrid environment. You will design, build, and evolve identity, authentication, and authorization capabilities that protect and enable access across athenaOne, athenahealth’s core EHR platform, and related applications. The successful candidate will work with a high degree of independence to solve complex technical problems, contribute sound technical designs, mentor less experienced engineers, and collaborate closely with Product, Security, Compliance, Architecture, and partner application stakeholders. This position reports directly to the Senior Engineering Manager within the Identity and Access Management zone.
Team Summary
The Identity and Access Management (IAM) zone at athenahealth builds and maintains the authentication and authorization foundations that secure the company’s core EHR platform and related applications. The team owns shared services and centralized frameworks for single sign-on (SSO), token and session management, fine-grained access control, and policy-based access control. The zone focuses on secure-by-default, developer-friendly integration patterns that balance security, compliance, performance, and seamless user experience.
Essential Job Responsibilities:
- Design, develop, test, deploy, and maintain high-quality software components, APIs, SDKs, and services that support authentication, authorization, identity propagation, token and session management, and secure access workflows.
- Deliver features with a high degree of independence from implementation through peer review, rollout, and production support.
- Contribute to the design and evolution of authentication and authorization frameworks, including policy-based and fine-grained access control systems.
- Build cloud-based services and reusable ...