At Prime Therapeutics (Prime), we are a different kind of PBM, with a purpose beyond profits and a unique ability to connect care for those we serve. Looking for a purpose-driven career? Come build the future of pharmacy with us.
Job Posting Title
IT Security Engineer - Remote
Job Description
The Security Engineer (Authentication Services) is responsible for designing, implementing, and operating identity and access security controls that protect Prime’s information systems from unauthorized access, misuse, alteration, or disclosure. This role focuses on workforce and customer identity platforms, ensuring secure authentication, authorization, and integration across cloud applications and services.
The engineer plans, coordinates, and executes security measures within Microsoft Azure Entra and Okta environments, supporting both internal workforce applications and external, customer‑facing systems. This role partners closely with application teams, infrastructure, security, and business stakeholders to enable secure access while maintaining system availability, compliance, and a strong security posture.
Key Job Responsibilities
Azure Entra Workforce Security Administration
Design, implement, and manage Conditional Access policies to enforce MFA, device posture, network location, and risk‑based access controls for workforce and guest users.
Administer application registrations and enterprise applications, including permissions consent, secrets and certificate management, and lifecycle governance.
Configure and support Single Sign‑On (SSO) using Entra ID as an Identity Provider (IdP) for applications leveraging OIDC, OAuth 2.0, and SAML.
Secure and manage Azure API access, including OAuth scopes, app roles, managed identities, and service principals.
Perform advanced Azure Entra troubleshooting, including authentication failures, token issuance issues, conditional access evaluations, and sign‑in diagnostics.
Support identity‑related incidents, access escalations, and production issues with a focus on root‑cause analysis and prevention.
Okta Customer Identity Security Administration
Administer Okta Customer Identity environments supporting client, member, and pharmacy‑facing applications.
Configure SSO as both an Identity Provider (IdP) and Service Provider (SP) using OIDC, OAuth 2.0, and SAML for internal and external integrations.
Manage customer‑managed IDPs federated into Okta, including configuration, troubleshooting, and security review.
Oversee application onboarding and registration in Okta, including claims, scopes, token lifetimes, and signing credentials.
Design and enforce Okta API security, including OAuth authorization servers, access policies, and rate limiting.
Maintain Okta tenant security posture, including policy administration, MFA enforcement, session policies, and baseline security controls.
Minimum Qualifications
- Bachelor's degree in Information Security, Computer Science or related area of study, or equivalent combination of education and/or relevant work experience; HS diploma from an accredited school or equivalent GED required
- 2 years of work experience in the Information Security field, or related Information Technology experience such as Server Engineering, Networking, Architecture or Application Development
Must be eligible to work in the United States without the need for work visa or residency sponsorship
Additional Qualifications
- Strong analytical and problem-solving skills
- Ability to interpret technical documentation such as diagrams, configuration parameters, operational procedures, etc. and apply to security tasks
- Knowledge of security frameworks (NIST, ISO, CIS) and regulatory standards (HIPAA, PCI, etc.)
- Strong written and verbal communication skills for both technical and non-technical audiences
- Ability to prioritize multiple tasks and work independently or collaboratively
- Ability to participate in on-call rotation and respond to incidents as needed
Preferred Qualifications
- 2–4 years of experience in IT security, cybersecurity, or related technical field
- Experience with scripting languages (e.g., Python, PowerShell) to support security automation
- Relevant certifications (e.g., CompTIA Security+, CySA+, or equivalent) preferred
Every employee must understand, comply with and attest to the security responsibilities and security controls unique to their job, and comply with all applicable legal, regulatory, and contractual requirements and internal policies and procedures
Every employee must be able to perform the essential functions of the job and, if requested, reasonable accommodations will be made to enable employees with disabilities to perform the essential functions, absent undue hardship. In addition, Prime retains the right to change or assign other duties to this job
Potential pay for this position ranges from $74,000.00 - $118,000.00 based on experience and skills.
To review our Benefits, Incentives and Additional Compensation, visit our Benefits Page and click on the "Benefits at a glance" button for more detail (https://www.primetherapeutics.com/benefits).
Prime Therapeutics LLC is proud to be an equal opportunity and affirmative action employer. We encourage diverse candidates to apply, and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sex (including pregnancy), national origin, disability, age, veteran status, or any other legally protected class under federal, state, or local law.
We welcome people of different backgrounds, experiences, abilities, and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law.
Prime Therapeutics LLC is a Tobacco-Free Workplace employer.
Positions will be posted for a minimum of five consecutive workdays.
