Security Engineer III - IAM

The Security Engineer III - IAM provides technical expertise related to federation and multi-factor authentication for CME’s workforce and customers. This function will implement technical solutions while maintaining and adhering to IAM standards, procedures, and audit requirements.  The person in this role is expected to leverage their technical experience to design and implement identity solutions as well as support them efficiently.

Key Responsibilities:

• Primary job functions: 

  • Advance CME’s modern authentication capabilities with strategic enhancements.  This includes working with federation technologies and protocols, identity directories and multi-factor authentication technologies for both workforce and customer use-cases.

  • Day-to-day functions will focus on both project work and operational work (i.e. rotating service account password, creating new federation integrations, troubleshooting SAML/OIDC issues and other operational tasks)

  • Focus on process improvements via innovative methods to assist in the automation of manual tasks.

  • Participate in on-call rotation (during business hours) and DR exercises, and develop solutions and processes to eliminate or reduce off hours support calls.

• Other responsibilities: 

  • Contribute to the identity management function: identity provisioning (including joiner, mover, and leaver scenarios); IAM governance (including access certifications); role-based access control; audit/compliance activities 

  • Contribute to the secrets management function including traditional and ephemeral secrets management tools

  • Advance the IAM operational support capability by collecting actionable metrics and introducing tools and procedures to make the team more efficient

  • Support the development of IAM-related IaaS and SaaS security requirements and controls

Minimum Requirements: knowledge, skills and abilities:

• 2+ years in an IAM role at a large enterprise (preferably in a highly regulated industry) 

• Experience with common identity protocols including: SAML, oAuth, OIDC, FIDO, SCIM, LDAP

• Understanding of IAM concepts including: federation, multi-factor authentication, directories, secrets management, privileged account management, identity lifecycle management and JML workflows

• Proven ability to automate repetitive tasks; especially with programming/scripting languages like Powershell or Python

• Experience with public cloud platforms, cloud security concepts and cloud platform IAM (ideally in GCP) 

• Ability to recognize and implement security best practices for SaaS applications 

• Ability to troubleshoot general IT infrastructure: Unix/Windows Servers, load balancers, networking devices, databases, and virtualization

• Ability to work both independently and in a team-oriented, collaborative environment

• Ability to work across a broad range of technologies to deliver solutions to complex challenges

• Strong familiarity with security issues surrounding identity access management and experience in implementation of security systems and controls. Must have a deep knowledge of security components, principles, practices, and procedures

• Advanced skillset in collaboration and can lead team-oriented projects effectively without the need for guidance or support across all situations

Personal Attributes:

• Strong analytical, problem-solving, and fact-based troubleshooting skills

• Highly self-motivated and directed with keen attention to detail

• Effective time management skills demonstrated by successful and timely completion of projects

• Strong analytical, problem-solving, and troubleshooting skills

• Team player that supports a collaborative environment to negotiate and build consensus

• Positive attitude, self-starter, with effective communication and interpersonal skills

• Desire to help create a world-class IAM support organization

Formal Education & Certification:

• A Bachelor's degree in Computer Science or Information Systems or related discipline or equivalent work experience

• Security certifications are a plus (e.g., CISSP, CISM, CGEIT, SSCP, Security+, etc.) 

Company Benefits:

• Bonus Programme
• Equity Programme
• Employee Stock Purchase Plan (ESPP)
• Private Medical and Dental coverage
• Mental Health Benefit Programme
• Group Pension Plan
• Income Protection
• Life Assurance
• Cycle To Work
• EV Car Benefit Scheme
• Gym Membership
• Family Leave
• Education Assistance – MBA/Advanced Degree/Bachelor Degree
• Ongoing Employee Development Training/Certification
• Hybrid Working

CME Group : Where Futures are Made

CME Group is the world’s leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.

At CME Group, we embrace our employees' diverse experiences, cultures and skills, and work to ensure that everyone’s perspectives are acknowledged and valued. As an equal opportunity employer, we recognize the importance of a diverse and inclusive workplace and consider all potential employees without regard to any protected characteristic. 

Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Learn more here.