Staff Security Engineer - IAM

About The Position

Requirements

• Experience: 5 - 7 years of application support and experience with IAM services, tools, and solutions.
• Core systems: Proven, hands-on experience designing, deploying, and supporting large-scale enterprise IAM solutions, specifically including: Cloud SSO and CIAM Platforms LDAP Directories & Active Directory Privileged Access Management platforms MFA solutions Familiarity with hardware security keys
• Cloud acumen: Experience with cloud computing strategies, concepts, and technologies, particularly with Google Cloud Platform (GCP) IAM primitives (e.g., Service Accounts, IAM Roles, Identity Platform).
• Containerization / orchestration: Knowledge of container technologies, especially Kubernetes, as they relate to secrets management and identity access.
• IAM foundation: Strong familiarity with the following areas is essential, as this is the primary scope of the role: Privileged Access Management Identity Lifecycle Management Access Management (Federation / MFA / SSO)
• Scripting / automation: Some development experience in one or more of the following: Linux shell scripting, PowerShell, Python, Chef & Terraform.
• Security: Must have a thorough knowledge of information security components, principles, practices, and procedures, particularly regarding IAM security systems and controls.
• Technical support: Experience as an individual contributor on support and technical discussions in high-pressure situations.
• Troubleshooting focus: Strong analytical, problem-solving, and expert-level troubleshooting skills with high-level critical thinking.
• Communication: Ability to succinctly articulate complex technical issues to both technicians and business sponsors.
• Governance: Solid working knowledge of ITIL (problem and incident management) and applicable change and audit controls.
• Collaboration: Ability to work both independently and in a team-oriented environment with the ability to establish relationships with external vendors.
• Formal education: A Bachelor's degree in Computer Science, Information Systems or equivalent combination of education and related work experience.
• Certification: Certification or equivalent experience in a leading PAM enterprise platform

Nice To Haves

• Security certifications are a huge plus and highly desired, especially CISSP, Google Cloud Security Engineer (or Professional Cloud Security Engineer), or equivalent.

Responsibilities

• Provide advanced, hands-on troubleshooting, problem isolation, and rapid system recovery for critical IAM systems and related components.
• Lend timely support assistance for major incidents, participating in post-mortem analysis and implementing preventative measures.
• Take part in product upgrades depending on the situation and scope of the project, ensuring operational readiness.
• Perform in the on-call rotation and disaster recovery tests.
• Assist in our continuous improvement efforts to reduce repeated support calls and incidents.
• Proactively identify and automate existing manual tasks and processes to improve efficiency and stability.
• Research and implement security best practices across all supported platforms.
• Assist teams in identifying, safely storing, and retrieving their secrets in line with industry best practice and CME Standards.
• Develop processes, guidelines, and robust documentation for consumption by internal teams.
• Aiding information gathering for audits and overseeing documentation efforts.

Benefits

• CME Group is committed to offering a competitive total rewards package for our employees that recognizes their contributions to the business and reflects our long-term investment in their future.
• The pay range for this role is $128,500-$214,100.
• Actual salary offered will be dependent on a wide array of factors including but not limited to: relevant experience, skills, education and comparison to internal employees (where relevant).
• Our compensation program also includes an annual target bonus opportunity for all employees, as well as the opportunity to become an owner in the company through our broad-based equity program.
• Through our benefits program, we strive to offer flexibility, value and choice. From comprehensive health coverage, to a retirement package that includes both a 401(k) and an active pension plan, to highly competitive education reimbursement provisions, paid time off and a mental health benefit, CME Group offers a holistic benefits package for our team and their dependents.