Information Security Engineer

Cantor Fitzgerald's Global Information Security team is seeking an Information Security Identity Engineer. The successful candidate will need to be able to work in a fast-paced environment, planning, coordinating, and executing all facets of our program.

Responsibilities will include:

• Strong experience with authentication systems such as LDAP, MS Active Directory, Kubernetes, and Microsoft Entra including OIDC, OAuth, and SAML 2.0 protocols. Experience with Microsoft Authentication Libraries (MSAL) a plus. Experience with B2C configurations also a plus.
• Experience with privileged access management solutions (PAM) such as CyberArk, Keeper, etc.
• Experience with Identity Governance solutions like SailPoint, IBM, Oracle, etc.
• Partner with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls.
• Define and enforce security and identity policies across cloud platforms. (AWS, Azure, GCP)
• Document system configurations, standards, and procedures in a centralized location.
• Support Incident Response on security incidents globally, including contributing to table-top security incident exercises.
• Advise project teams, application owners, infrastructure services, and other digital Information Technology teams on information security controls.
• Continually improve team documentation, including solution run books, architecture, knowledge base articles, FAQs, SharePoint.
• Provide evidentiary support for Audit and Compliance teams.
• Manage the remediation process including tracking and resolutions of findings from internal and/or external audit findings, risk assessments, and other control assessments.
• Develop and maintain a strong partnership with relevant regional business and technical leaders and teams, including 3rd parties and affiliate businesses.
• Monitoring, collecting, analyzing and reporting of security metrics and indicators to ensure the proper operations of our regional systems and services.
• Regional security incident response and management point of contact and drive incident postmortems to find the root cause and track action items to completion.
• Experience working with Service Management, Incident Management, and Change Management required.

Qualifications and Skills:

Education

• Bachelor's Degree (or equivalent work experience).
• At least five+ years of identity and access management experience in IT and/or Information Security combined.

Must-Have Skills

• Manage Identity Providers such Microsoft Entra (formerly AAD), Okta, Ping One, Auth0, etc.
• Strong experience with authentication protocols including OAuth, OIDC, SAML, etc.
• Experience with PAM and Remote Desktop Solutions (CyberArk, Keeper, Venn, Zscaler, Global Protect, etc.)
• IGA solutions and deployments (SailPoint, Saviynt, Oracle, etc.)
• Integrating security systems via API, etc.
• Experience with ticket management solutions: Dynamics 365, ServiceNow, Remedy, etc.
• Experience with PMO tools such as Smartsheet, etc.
• Microsoft O365 products (Excel, PowerPoint, etc.)
• Collaboration and communication skills across multiple teams and businesses.

Good-to-Have Skills

• Palo Alto Firewall, F5 LTM, F5 GTM
• SIEM and SOAR tools (Splunk, Cribl, PAN Cortex)
• Powershell
• Python Scripting
• Power BI and Power Automate.