Job Specifications
Cantor Fitzgerald’s Global Information Security team is seeking an Information Security Identity Engineer. The successful candidate will need to be able to work in a fast-paced environment, planning, coordinating, and executing all facets of our program.
Responsibilities will include:
Strong experience with authentication systems such as LDAP, MS Active Directory, Kubernetes, and Microsoft Entra including OIDC, OAuth, and SAML 2.0 protocols. Experience with Microsoft Authentication Libraries (MSAL) a plus. Experience with B2C configurations also a plus.
Experience with privileged access management solutions (PAM) such as CyberArk, Keeper, etc.
Experience with Identity Governance solutions like SailPoint, IBM, Oracle, etc.
Partner with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls.
Define and enforce security and identity policies across cloud platforms. (AWS, Azure, GCP)
Document system configurations, standards, and procedures in a centralized location.
Support Incident Response on security incidents globally, including contributing to table-top security incident exercises.
Advise project teams, application owners, infrastructure services, and other digital Information Technology teams on information security controls.
Continually improve team documentation, including solution run books, architecture, knowledge base articles, FAQs, SharePoint.
Provide evidentiary support for Audit and Compliance teams.
Manage the remediation process including tracking and resolutions of findings from internal and/or external audit findings, risk assessments, and other control assessments.
Develop and maintain a strong partnership with relevant regional business and technical leaders and teams, including 3rd parties and affiliate businesses.
Monitoring, collecting, analyzing and reporting of security metrics and indicators to ensure the proper operations of our regional systems and services.
Regional security incident response and management point of contact and drive incident postmortems to find the root cause and track action items to completion.
Experience working with Service Management, Incident Management, and Change Management required.
Qualifications and Skills:
Education
Bachelor's Degree (or equivalent work experience).
At least five+ years of identity and access management experience in IT and/or Information Security combined.
Must-Have Skills
Manage Identity Providers such Microsoft Entra (formerly AAD), Okta, Ping One, Auth0, etc.
Strong experience with authentication protocols including OAuth, OIDC, SAML, etc.
Experience with PAM and Remote Desktop Solutions (CyberArk, Keeper, Venn, Zscaler, Global Protect, etc.)
IGA solutions and deployments (SailPoint, Saviynt, Oracle, etc.)
Integrating security systems via API, etc.
Experience with ticket management solutions: Dynamics 365, ServiceNow, Remedy, etc.
Experience with PMO tools such as Smartsheet, Monday.com, etc.
Microsoft O365 products (Excel, PowerPoint, etc.)
Collaboration and communication skills across multiple teams and businesses.
Good-to-Have Skills
Palo Alto Firewall, F5 LTM, F5 GTM
SIEM and SOAR tools (Splunk, Cribl, PAN Cortex)
Powershell
Python Scripting
Power BI and Power Automate.
About the Company
Cantor Fitzgerald is a leading global financial services firm, serving clients from over 30 offices around the world. Founded in 1945 as a securities brokerage and investment bank, the firm pioneered computer-based bond trading, built one of the broadest distribution networks in the industry and became the market's premier dealer of government securities.
Today, Cantor Fitzgerald is known for its strength across a diverse array of businesses, including equity and fixed income capital markets, investment banking, commerc...
Know more