Lead Identity Engineer - API & AI Gateways

About the role

Grade Level (for internal use): 11 Position Summary: We are seeking a Lead Identity Engineer to lead the architecture of our next-generation API security and authorization platforms. While deeply rooted in core IAM principles. You will leverage your deep expertise in securing APIs and modern authorization standards (OAuth/OIDC) to architect the Model Context Protocol (MCP) Gateway, the secure bridge connecting our enterprise data to AI agents. In this role, you will primarily focus on building robust Authorization frameworks and API Governance layers that can scale to support not just human users, but the high-velocity, complex access patterns of AI agents. The Impact The candidate will drive the transformation of our security posture by extending our robust API security controls to the emerging AI ecosystem. In this role, responsibilities include architecting and governing the MCP Gateway. You will ensure that critical data sources are protected against unauthorized AI access. By implementing Fine-Grained Authorization (FGA) and context-aware policies, you will enable the safe adoption of Generative AI, ensuring that our digital supply chain remains secure, compliant, and ready for the future of automation. Compensation/Benefits Information (US Applicants Only ): S&P Global states that the anticipated base salary range for this position is $120,000 - $160,000. Final base salary for this role will be based on the individual's geographical location as well as experience and qualifications for the role. This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, please click here.

Requirements

• Basic Required Qualifications:
• Experience: 8+ years of software engineering experience, with at least 5+ years focused on API Security, IAM, or Gateway implementations.
• Bachelor's degree in computer science, Engineering, Data Science, or related technical field
• API Gateway Expertise: Deep, hands-on experience with any enterprise API Gateway technology (e.g., Kong, Apigee, AWS API Gateway, Azure API Management). You must understand the lifecycle of an API request from ingress to backend.
• Protocol Authority: Expert-level knowledge of OAuth 2.0 (Client Credentials, PKCE, Authorization Code), OpenID Connect (OIDC), and API Security standards (OAS, REST, GraphQL security).
• Backend Development: Strong backend coding proficiency in Java or Python. You must be comfortable writing high-performance APIs and micro-services.
• MCP & AI Readiness: Strong theoretical or practical knowledge of the Model Context Protocol (MCP) specifications. You understand how MCP Servers and Clients interact and how to apply security controls to this new pattern.
• IAM Ecosystem: Solid experience working with enterprise Identity Providers like Okta, Microsoft Entra ID (Azure AD)
• DevSecOps: Experience integrating security controls into CI/CD pipelines using tools like Jenkins, GitHub Actions, or GitLab.
• What's In It For You?
• Our Mission:
• Advancing Essential Intelligence.
• Our People:
• Our Values:
• Integrity, Discovery, Partnership

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at spgi? Share your experience