Staff Software Engineer

Job Description SummaryAs a Staff Software Engineer, in the identity domain, you will lead the design and development of identity and access management solutions. This role requires deep expertise in authentication and authorization protocols, standards, and technologies. You will play a key role in shaping the architecture and strategy for secure identity systems across our platforms.
In this role, you will be expected to work directly with code, infrastructure, and production systems. You will lead by example—writing secure, maintainable code, building reusable components, and debugging complex identity flows in real-time. Your ability to translate architectural vision into working software will be critical, as will your skill in collaborating across engineering, security, and product teams to deliver robust identity capabilities.
GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.

Job Description

Roles and Responsibilities:

• Design, develop, and maintain core identity services including authentication, authorization, token issuance, and policy enforcement.

• Lead, Implement and optimize OIDC, OAuth2.0, and JWT-based flows across distributed systems.

• Build and manage JWKS endpoints, token validation logic, and secure key rotation mechanisms.

• Develop and enforce OPA (Open Policy Agent) policies for fine-grained access control.

• Integrate identity solutions with third-party providers (e.g., Ping, WS02 etc) and internal services.

• Lead code reviews, contribute to architecture decisions, and ensure high-quality engineering practices.

• Build custom middleware and SDKs to abstract identity logic for internal consumers.

• Troubleshoot and resolve complex identity-related issues in production environments.

• Collaborate with DevSecOps to implement Zero Trust principles, secure service-to-service communication, and audit trails.

• Conduct threat modelling, security audits and vulnerability assessments for identity systems to mitigate risks such as token forgery, session hijacking etc

• Mentor engineers and promote best practices in identity, security, and cloud-native development.

Education Qualification:

Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with a minimum of 8+ years of experience in software engineering, with at least 5 years focused on identity and access management.

Required Skills:

• Proven experience in designing and deploying scalable cloud solutions using platforms such as AWS, Azure, or Google Cloud.

• Deep knowledge of microservices architecture and containerization technologies (e.g., Docker, Kubernetes).

• Excellent understanding of cloud-native design patterns and best practices.

• Good understanding of authentication protocols (e.g., OIDC, SAML, OAuth2.0).

• Deep knowledge of JWT, JWKS, and token-based authentication mechanisms.

• Experience with OPA and policy-as-code frameworks.

• Proficiency in designing and implementing RBAC/ABAC models.

• Hands-on experience with identity platforms (e.g., Auth0, Okta, Ping, Azure AD).

• Excellent programming skills in languages such as Java, Go, Python, or Node.js.

• Familiarity with cloud-native architectures and microservices.

• Excellent problem-solving, communication, and leadership skills.

• Experience in using GenAI tools in design and development of cloud native services

Nice-to-Have Skills: 

• Experience working with multi-cloud or hybrid cloud deployments. 

• Open-source contributions, technical publications, or public speaking at conferences. 

• Relevant certifications such as CISSP, CISM, or AWS Security Specialty.

• Cloud architecture certifications (e.g., AWS Certified Solutions Architect).

Inclusion and Diversity

GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.

Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

#LI-AM11

#LI-Hybrid

Additional Information