Member of Technical Staff, Identity & Access Management
Mandolin
Location
San Francisco
Employment Type
Full time
Department
Engineering
Compensation
$160K – $270K • Offers Equity
Benefits:
Unlimited PTO
Free lunch & dinner
Health insurance
Dental insurance
Vision insurance
Life insurance
Commuter benefits
About Mandolin
Nearly every disease will become treatable in our lifetimes. Mandolin is laying the clinical and financial infrastructure to get groundbreaking treatments to patients faster, powered by AI agents.
Mandolin partners closely with the largest healthcare institutions in the US, covering more than $10B drug spend across the country. We're backed by Greylock, SV Angel, Maverick, SignalFire, and the founders of Vercel, Decagon, and Yahoo.
Why we need you
Security, privacy, and compliance are core to our mission. As a Member of Technical Staff focused on Identity & Access Management (IAM), you will design and implement the authentication, authorization, and identity systems that underpin trust in our platform. This role ensures that our customers can access Mandolin securely, reliably, and in compliance with healthcare and enterprise requirements.
What you’ll do
Design, build, and maintain Mandolin’s identity and access management services, including authentication, authorization, and session management.
Implement role-based access control (RBAC), single sign-on (SSO), multi-factor authentication (MFA), and audit logging across product modules.
Collaborate with Product and Engineering teams to embed IAM principles into every layer of the platform.
Ensure compliance with regulatory frameworks (HIPAA, SOC2, etc.) through secure identity design and auditability.
Develop scalable APIs and services to support enterprise integrations (e.g., SAML, OAuth, SCIM, OpenID Connect).
Monitor, test, and continuously improve the performance, security, and reliability of IAM systems.
Stay ahead of industry best practices in identity, access, and security; bring forward new approaches and tooling.
Must-have experience
5+ years of software engineering experience, with a focus on identity and access management.
Expertise with authentication and authorization standards (OAuth2, OIDC, SAML, SCIM).
Hands-on experience implementing RBAC, MFA, and SSO in production systems.
Strong backend engineering skills with one or more modern languages (Go, Python, Node.js, or similar).
Experience building secure, compliant, and highly available services.
Demonstrated ability to work independently in ambiguous, early-stage environments.
Nice-to-haves
Experience building IAM foundations as an early or first hire at a startup.
Background in regulated industries (healthcare, fintech, government) where compliance and auditability are critical.
Compensation Range: $160K - $270K