Lead Identity Engineer – API & AI Gateways

S&P Global

Quick summary

Work type
On-site
Location
Raleigh, NC · New York, NY · Princeton, NJ
Salary
$120,000–$160,000 / yr
Posted
29 days ago
Closes
Jan 13, 2027

Market check

Salary context

Below market

How this pay compares to similar roles

Similar $203k
This role $140k
$106k most similar roles pay here $249k

This role pays less than 95% of similar roles. Most pay $171,500–$235,187 — the shaded band above. At the midpoint, this role pays about $140k versus about $203k for comparable roles.

Based on 240 similar postings.

Employer

About S&P Global

S&P Global delivers Essential Intelligence® that shapes decision making. We provide the world’s leading organizations with the right data, connected technologies and expertise they need to move ahead.

S&P Global currently has 25 open roles on FindRole.

Listed pay typically runs $142,000–$207,700 across 15 roles with salary data.

Most-posted roles

View all roles at S&P Global

At a glance

TL;DR · Lead Identity Engineer – API & AI Gateways

Apply Now Log in to save

As a Lead Identity Engineer at S&P Global, you will join the API & AI Gateways team to architect and govern the Model Context Protocol (MCP) Gateway, ensuring robust security for both human users and AI agents. Your primary responsibilities include designing fine-grained authorization frameworks and API governance layers that can scale with high-velocity access patterns. You must have deep expertise in enterprise API gateways like Kong or Apigee, OAuth 2.0, OpenID Connect, and RESTful API security standards. Strong backend development skills in Java or Python are essential for building high-performance APIs and microservices. Additionally, experience with MCP specifications and integrating security controls into CI/CD pipelines using tools such as Jenkins is required. This role demands a solid understanding of enterprise identity providers like Okta and Microsoft Entra ID to secure critical data sources against unauthorized AI access in the evolving digital supply chain.

Skills

API Gateway OAuth 2.0 OpenID Connect Java Python MCP Okta Azure AD CI/CD Jenkins GitHub Actions GitLab

What you'll do

  • Design and implement robust authorization frameworks for API security.
  • Architect and govern the Model Context Protocol (MCP) Gateway for secure AI access.
  • Ensure compliance with OAuth 2.0, OIDC, and other modern authorization standards.
  • Develop fine-grained authorization policies to protect critical data sources from unauthorized access.
  • Integrate security controls into CI/CD pipelines using DevSecOps practices.
  • Extend API security controls to accommodate high-velocity AI agent access patterns.
  • Collaborate on the secure adoption of Generative AI within the digital supply chain.

What we're looking for

  • 8+ years of software engineering experience with at least 5 years in API Security, IAM, or Gateway implementations.
  • Bachelor's degree in computer science, engineering, data science, or related technical field.
  • Deep expertise in enterprise API Gateway technologies and lifecycle management.
  • Expert-level knowledge of OAuth 2.0, OpenID Connect (OIDC), and API security standards.
  • Strong backend coding proficiency in Java or Python for high-performance APIs and microservices.
  • Knowledge of Model Context Protocol (MCP) specifications and its application in AI ecosystems.
  • Experience working with enterprise Identity Providers like Okta and Microsoft Entra ID.

Related searches

More Lead Identity Engineer jobs Lead Identity Engineer jobs in Raleigh All jobs at S&P Global

More like this

Similar roles

Lead Identity Engineer

Lam Research

Fremont, CA 44 days ago $137,000$287,000
Saviynt SAP Python REST APIs PowerShell SQL ServiceNow Azure AD Okta Ping Kubernetes Terraform CI/CD PostgreSQL Prometheus Grafana
Hybrid
Save

Lead Identity Engineer

Lam Research

Tualatin, OR 18 days ago
Saviynt SAP Python REST APIs PowerShell SQL ServiceNow Azure AD Okta Ping Kubernetes Terraform CI/CD PostgreSQL Prometheus Grafana
Hybrid
Save

Identity Provider Engineer

Booz Allen Hamilton

Riverdale, MD 37 days ago $86,800$198,000
PingFederate Okta EntraID SAML 2.0 OAuth 2.0 OpenID Connect Java JavaScript Python PowerShell Groovy RESTful APIs Active Directory LDAP Zero Trust MFA PingAccess PingDirectory PingOne DevOps CI/CD Okta Workflows Custom Authorization Servers Inline Hooks NIST FedRAMP HIPAA AWS Cognito Azure AD B2C Google Cloud Identity
Save

Identity Provider Engineer

Booz Allen Hamilton

Riverdale, MD 26 days ago $86,800$198,000
PingFederate Okta Entra ID SAML 2.0 OAuth 2.0 OpenID Connect Java JavaScript Python PowerShell Groovy RESTful APIs Active Directory LDAP Zero Trust Password-less authentication MFA DevOps CI/CD NIST FedRAMP HIPAA AWS Cognito Azure AD B2C Google Cloud Identity
Save

Identity Engineer

Booz Allen Hamilton

Ford Island, HI 23 days ago $61,900$141,000
Microsoft Ping SailPoint CyberArk VMware CI/CD AWS Kubernetes PostgreSQL Secret Clearance HS diploma GED CIMP CIAM CIGE Microsoft IAAA Azure IAM Red Hat Certification
Save

Lead Security Engineer (AI) – Product Security

Nubank

Durham 2 days ago
LLM AI runtime security input validation abuse detection policy enforcement prompt injection data exfiltration jailbreak protection telemetry monitoring alerting Python Kubernetes CI/CD
Hybrid
Save