CME Group is seeking an experienced and highly resilient IAM Staff Engineer to join a new, high-impact team supporting weekend trading capabilities. The primary focus of this role is to provide expert, hands-on support, troubleshooting, and recovery for mission-critical Identity and Access Management (IAM) systems, ensuring their stability and high availability in the production environment. The engineer will also contribute to automation, security best practices, and compliance, working within a compressed work schedule after an initial training period. This position requires a minimum 2-day per week in-office presence in Belfast.

Must Have

• Provide advanced, hands-on troubleshooting and rapid system recovery for critical IAM systems.
• Lend timely support for major incidents and implement preventative measures.
• Participate in product upgrades and ensure operational readiness.
• Perform in the on-call rotation and disaster recovery tests.
• Assist in continuous improvement efforts to reduce repeated support calls and incidents.
• Support the maintenance of highly automated and reliable directory solutions.
• Proactively identify and automate existing manual tasks and processes.
• Research and implement security best practices across all supported platforms.
• Assist teams in identifying, safely storing, and retrieving their secrets.
• Deliver directory solutions that enhance security and compliance.
• Develop processes, guidelines, and robust documentation for internal teams.
• Aid information gathering for audits and oversee documentation efforts.
• 5-7 years of application support and experience with IAM services, tools, and solutions.
• Proven, hands-on experience designing, deploying, and supporting large-scale enterprise IAM solutions.
• Experience with cloud computing strategies, concepts, and technologies, particularly GCP IAM primitives.
• Knowledge of container technologies, especially Kubernetes, as they relate to secrets management and identity access.
• Strong familiarity with Privileged Access Management, Identity Lifecycle Management, and Access Management.
• Development experience in Shell Scripting, PowerShell, Python, Chef, or Terraform.
• Thorough knowledge of information security components, principles, practices, and procedures.
• Strong analytical, problem-solving, and expert-level troubleshooting skills.
• Ability to succinctly articulate complex technical issues to both technicians and business sponsors.
• Solid working knowledge of ITIL and applicable change and audit controls.
• Ability to work both independently and in a team-oriented environment.
• Bachelor's degree in Computer Science or Information Systems or equivalent.
• Certification or equivalent experience in a leading PAM enterprise platform.

Good to Have

• Security certifications (CISSP, Google Cloud Security Engineer, or Professional Cloud Security Engineer)

Perks & Benefits

• Bonus Programme
• Equity Programme
• Employee Stock Purchase Plan (ESPP)
• Private Medical and Dental coverage
• Mental Health Benefit Programme
• Group Pension Plan
• Income Protection
• Life Assurance
• Cycle To Work
• EV Car Benefit Scheme
• Gym Membership
• Family Leave
• Education Assistance – MBA/Advanced Degree/Bachelor Degree
• Ongoing Employee Development Training/Certification
• Hybrid Working

IAM Staff Engineer, Weekend Trading Support Systems

We are building a new, high-impact team dedicated to supporting our exciting new weekend trading capabilities. We are seeking an experienced and highly resilient IAM Staff Engineer whose primary focus will be providing expert, hands-on support, troubleshooting, and recovery for our mission-critical Identity and Access Management (IAM) systems. While project work exists, your core mission is ensuring the stability and high availability of the production environment.

Work Environment & Schedule

• Initial Training Schedule (First 3-6 months): Until the selected candidate is fully up to speed on our specific technologies and environment, the work schedule will be Monday - Friday business hours, working alongside existing IAM engineers for training and ramp-up.
• Target Shift Schedule: After the initial training period, this role will transition to a compressed work schedule, requiring four (4) eleven-hour shifts per week (10 working hours plus 1 hour for lunch) to cover weekend support.
• Office Requirement: This position requires a minimum 2-day per week in-office presence. Candidates must be within commutable distance of a CME Group Belfast office.

What You'll Do (Primary Focus: Support & Operations)

You will be the go-to for operational excellence and advanced issue resolution for our core IAM platforms. Furthermore, you will be supported and backed up by a team of highly skilled engineers located globally who can bring additional knowledge and experience when required.

Support & System Recovery

• Provide advanced, hands-on troubleshooting, problem isolation, and rapid system recovery for critical IAM systems and related components.
• Lend timely support assistance for major incidents, participating in post-mortem analysis and implementing preventative measures.
• Take part in product upgrades depending on the situation and scope of the project, ensuring operational readiness.
• Perform in the on-call rotation and disaster recovery tests.
• Assist in our continuous improvement efforts to reduce repeated support calls and incidents”
• Participate in our continuous improvement efforts to reduce repeated support calls and incidents

Engineering & Automation

• Support the maintenance of highly automated and reliable directory solutions.
• Proactively identify and automate existing manual tasks and processes to improve efficiency and stability.
• Research and implement security best practices across all supported platforms.
• Assist teams in identifying, safely storing, and retrieving their secrets in line with industry best practice and CME Standards.

Compliance & Documentation

• Deliver directory solutions that enhance security and compliance.
• Develop processes, guidelines, and robust documentation for consumption by internal teams.
• Aiding information gathering for audits and overseeing documentation efforts.

What You'll Bring (Minimum Requirements)

Technical Knowledge & Experience:

• Experience: 5 - 7 years of application support and experience with IAM services, tools, and solutions.
• Core Systems: Proven, hands-on experience designing, deploying, and supporting large-scale enterprise IAM solutions, specifically including:
• Cloud SSO and CIAM Platforms
• LDAP Directories & Active Directory
• Privileged Access Management platforms
• MFA solutions
• Familiarity with hardware security keys
• Cloud Acumen: Experience with cloud computing strategies, concepts, and technologies, particularly with Google Cloud Platform (GCP) IAM primitives (e.g., Service Accounts, IAM Roles, Identity Platform).
• Containerization/Orchestration: Knowledge of container technologies, especially Kubernetes, as they relate to secrets management and identity access.
• IAM Foundation: Strong familiarity with the following areas is essential, as this is the primary scope of the role:
• Privileged Access Management
• Identity Lifecycle Management
• Access Management (Federation/MFA/SSO)
• Scripting/Automation: Some development experience in one or more of the following:Shell Scripting, PowerShell, Python, Chef & Terraform.
• Security: Must have a thorough knowledge of information security components, principles, practices, and procedures, particularly regarding IAM security systems and controls.

Professional Skills

• Troubleshooting Focus: Strong analytical, problem-solving, and expert-level troubleshooting skills with high-level critical thinking.
• Communication: Ability to succinctly articulate complex technical issues to both technicians and business sponsors.
• Governance: Solid working knowledge of ITIL (problem and incident management) and applicable change and audit controls.
• Collaboration: Ability to work both independently and in a team-oriented environment with the ability to establish relationships with external vendors.

Education & Certification

• Formal Education: A Bachelor's degree in Computer Science or Information Systems or equivalent combination of education and related work experience.
• Certification: Certification or equivalent experience in a leading PAM enterprise platform
• Desired Security Certifications: Security certifications are a huge plus and highly desired, especially CISSP, Google Cloud Security Engineer (or Professional Cloud Security Engineer), or equivalent.
• Experience as an individual contributor on support and technical discussions in often high pressure situations.

Company Benefits:

• Bonus Programme
• Equity Programme
• Employee Stock Purchase Plan (ESPP)
• Private Medical and Dental coverage
• Mental Health Benefit Programme
• Group Pension Plan
• Income Protection
• Life Assurance
• Cycle To Work
• EV Car Benefit Scheme
• Gym Membership
• Family Leave
• Education Assistance – MBA/Advanced Degree/Bachelor Degree
• Ongoing Employee Development Training/Certification
• Hybrid Working