Lead Identity Engineer - API & AI Gateways
Role details
Job location
Tech stack
Job description
Grade Level (for internal use), We are seeking a Lead Identity Engineer to lead the architecture of our next-generation API security and authorization platforms. While deeply rooted in core IAM principles. You will leverage your deep expertise in securing APIs and modern authorization standards (OAuth/OIDC) to architect the Model Context Protocol (MCP) Gateway, the secure bridge connecting our enterprise data to AI agents. In this role, you will primarily focus on building robust Authorization frameworks and API Governance layers that can scale to support not just human users, but the high-velocity, complex access patterns of AI agents.
The Impact
The candidate will drive the transformation of our security posture by extending our robust API security controls to the emerging AI ecosystem. In this role, responsibilities include architecting and governing the MCP Gateway. You will ensure that critical data sources are protected against unauthorized AI access. By implementing Fine-Grained Authorization (FGA) and context-aware policies, you will enable the safe adoption of Generative AI, ensuring that our digital supply chain remains secure, compliant, and ready for the future of automation., At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets.
Requirements
- Experience: 8+ years of software engineering experience, with at least 5+ years focused on API Security, IAM, or Gateway implementations.
- Bachelor's degree in computer science, Engineering, Data Science, or related technical field
- API Gateway Expertise: Deep, hands-on experience with any enterprise API Gateway technology (e.g., Kong, Apigee, AWS API Gateway, Azure API Management). You must understand the lifecycle of an API request from ingress to backend.
- Protocol Authority: Expert-level knowledge of OAuth 2.0 (Client Credentials, PKCE, Authorization Code), OpenID Connect (OIDC), and API Security standards (OAS, REST, GraphQL security).
- Backend Development: Strong backend coding proficiency in Java or Python. You must be comfortable writing high-performance APIs and micro-services.
- MCP & AI Readiness: Strong theoretical or practical knowledge of the Model Context Protocol (MCP) specifications. You understand how MCP Servers and Clients interact and how to apply security controls to this new pattern.
- IAM Ecosystem: Solid experience working with enterprise Identity Providers like Okta, Microsoft Entra ID (Azure AD)
- DevSecOps: Experience integrating security controls into CI/CD pipelines using tools like Jenkins, GitHub Actions, or GitLab.
Benefits & conditions
We take care of you, so you can take care of business. We care about our people. That's why we provide everything you-and your career-need to thrive at S&P Global.
Our benefits include:
- Health & Wellness: Health care coverage designed for the mind and body.
- Flexible Downtime: Generous time off helps keep you energized for your time on.
- Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
- Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.
- Family Friendly Perks: It's not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.
- Beyond the Basics: From retail discounts to referral incentive awards-small perks can make a big difference.