Staff Security Engineer - IAM

Initial Training Schedule (First 3-6 months): Until the selected candidate is fully up to speed on our specific technologies and environment, the work schedule will be Monday - Friday business hours, working alongside existing IAM engineers for training and ramp-up. Target Shift Schedule: After the initial training period, this role will transition to a compressed work schedule, requiring four (4) eleven-hour shifts per week (10 working hours plus 1 hour for lunch) to cover weekend support. Office Requirement: This position requires a minimum 2-day per week in-office presence. Candidates must be within commutable distance of a CME Group Belfast office. Support the maintenance of highly automated and reliable directory solutions. Proactively identify and automate existing manual tasks and processes to improve efficiency and stability. Research and implement security best practices across all supported platforms. Assist teams in identifying, safely storing, and retrieving their secrets in line with industry best practice and CME Standards. Experience: 5 - 7 years of application support and experience with IAM services, tools, and solutions. Core Systems: Proven, hands-on experience designing, deploying, and supporting large-scale enterprise IAM solutions, specifically including: + Cloud SSO and CIAM Platforms + LDAP Directories & Active Directory + Privileged Access Management platforms + MFA solutions + Familiarity with hardware security keys Cloud Acumen: Experience with cloud computing strategies, concepts, and technologies, particularly with Google Cloud Platform (GCP) IAM primitives (e.g., Service Accounts, IAM Roles, Identity Platform). Containerization/Orchestration: Knowledge of container technologies, especially Kubernetes, as they relate to secrets management and identity access. IAM Foundation: Strong familiarity with the following areas is essential, as this is the primary scope of the role: + Privileged Access Management + Identity Lifecycle Management + Access Management (Federation/MFA/SSO) Scripting/Automation: Some development experience in one or more of the following:Shell Scripting, PowerShell, Python, Chef & Terraform. Security: Must have a thorough knowledge of information security components, principles, practices, and procedures, particularly regarding IAM security systems and controls. Troubleshooting Focus: Strong analytical, problem-solving, and expert-level troubleshooting skills with high-level critical thinking. Communication: Ability to succinctly articulate complex technical issues to both technicians and business sponsors. Governance: Solid working knowledge of ITIL (problem and incident management) and applicable change and audit controls. Collaboration: Ability to work both independently and in a team-oriented environment with the ability to establish relationships with external vendors. Formal Education: A Bachelor's degree in Computer Science or Information Systems or equivalent combination of education and related work experience. Certification: Certification or equivalent experience in a leading PAM enterprise platform Desired Security Certifications: Security certifications are a huge plus and highly desired, especially CISSP, Google Cloud Security Engineer (or Professional Cloud Security Engineer), or equivalent. Experience as an individual contributor on support and technical discussions in often high pressure situations. Bonus Programme Equity Programme Employee Stock Purchase Plan (ESPP) Private Medical and Dental coverage Mental Health Benefit Programme Group Pension Plan Income Protection Life Assurance Cycle To Work EV Car Benefit Scheme Gym Membership Family Leave Education Assistance - MBA/Advanced Degree/Bachelor Degree Ongoing Employee Development Training/Certification Hybrid Working Employee Experience