Ld Security Engineer - IAM

  • Competitive
  • Chicago, IL, USA
  • Permanent, Full time
  • Chicago Mercantile Exchange
  • 10 Dec 18

Ld Security Engineer - IAM

Description
CME Group: Where Futures Are Made

CME Group (www.cmegroup.com) is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 2,500 employees located around the world, we're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.

The IAM Engineer will be responsible for developing and delivering comprehensive solutions to our internal and external customers. This role will have hands-on architectural and engineering responsibilities as well as technical leadership and expert level troubleshooting duties.

Position Responsibilities:

  • Design, implement and support highly automated, reliable and available IAM solutions
  • Deliver IAM systems which elevate security and compliance for in-house developed and commercial off-the-shelf applications
  • Lead emerging trend research, orchestrate product evaluations, and select the latest industry standards and tools
  • Provide advanced troubleshooting, participate in on-call rotation, and develop solutions and processes to eliminate off hours support calls
  • Assist in the automation of manual tasks
  • Identity lifecycle management support and implementation activities
  • Access management technology support and implementation activities
  • Privileged identity management support and implementation activities
  • Identity access governance support and implementation activities
  • Development of process documentation and standard, policies, procedures, and baselines
  • Responsible for ensuring appropriate collection and analysis of technical requirements based on critical projects IAM use cases and expectations.
  • Strong experience with project estimation, drafting project proposals and statements of work

MINIMUM REQUIREMENTS: KNOWLEDGE, SKILLS AND ABILITIES

  • 5+ years of applications support or equivalent experience with a specialization in Identity and Access Management platforms and tools
  • Development experience in C#, Perl, Unix Shell Script, add Powershell and BeanShell and/or Java
  • Experience with LDAP directories and relational databases (e.g., AD, eDirectory, Oracle DB, SQL Server)
  • Experience with Authentication and Authorization mechanisms and protocols (SAML, RBAC, OAuth/Open ID Connect, ABAC, 2FA/MFA, adaptive authentication)
  • Experience with Public Key Infrastructure including hardware security modules (HSMs)
  • Strong familiarity with security issues surrounding Identity Access Management and experience in implementation of security systems and controls. Must have a thorough knowledge of information security components, principles, practices, and procedures
  • Strong security background in network/systems/physical security, authentication, authorization and usability
  • Must have good knowledge of general IT architecture infrastructure, web application, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development.
  • Demonstrated ability to work across a broad range of technologies to deliver complex solutions
  • Demonstrated ability to effectively coordinate multiple priorities in a dynamic environment
  • Ability to succinctly articulate complex technical issues with both technicians and business sponsors
  • Effective time management skills demonstrated by successful and timely completion of projects
  • Ability to work both independently and in a team-oriented, collaborative environment
  • Ability to take a technology brand-agnostic approach
  • Knowledge of applicable audit controls and applicability to IAM services architecture, design, and processes.

    Personal Attributes:
  • Strong analytical, problem-solving skills and troubleshooting skills
  • High level critical thinking skills
  • Excellent written and oral communication skills
  • Excellent listening and interpersonal skills
  • Positive attitude, self-starter with strong analytical, communication and interpersonal skills to lead working groups, negotiate and create consensus
  • Ability to compose and present material to communicate difficult concepts and gain consensus
  • Comfortable working in a dynamic environment with multiple goals
  • Highly self-motivated and directed, with keen attention to detail
  • Able to prioritize and execute tasks in a high-pressure environment
  • Ability to deal diplomatically and effectively at all levels of the organization including both technical and non-technical, management and senior leadership
    EXPERIENCE:
  • Hands-on experience developing and deploying large-scale enterprise Identity & Access Management solutions
  • Knowledge of three or more of the following technologies: Directory Services, Authentication/Authorization, Dev OPS, Identity Lifecycle Management, Access Review, Privileged Identity Management, Federation/MFA, and IAM protocols
  • Experience working in a team-oriented, collaborative environment
Formal Education & Certification
  • A Bachelor's or Master's degree in Computer Science or Information Systems
  • Security certifications (e.g. Security+, Network+, GCIA, GCIH, CISSP, CEH, etc.)


For EU Residents, the Candidate Privacy Policy can be found here.