Technology Risk Management Analyst III

Description

The Global Information Security (GIS) Technology Risk Management Analyst III will work with peers in GIS and across the Technology Division to ensure that cybersecurity and technology risks are properly identified, assessed, adjudicated, and communicated in support of the overall GIS Risk Management program. As part of the GIS Risk Management team, the analyst will work with a broad range of technology and non-technology stakeholders to help CME record and remediate risks.

Accountabilities:

• Support CME Group’s technology and cybersecurity risk management function


• Work collaboratively with technology and business partners to identify and assess risks related to the confidentiality, integrity, and availability of technology systems and information


• Develop and document remediation plans with risk owners and technical peers to address identified risks, including recommendations for technology and process controls


• Foster a culture of risk awareness and accountability through continuous engagement with stakeholders throughout the risk management and finding management life cycle
  


• Contribute to the continuous improvement of Risk Management policies and procedures


• Contribute to regulatory compliance activities including annual enterprise technology risk assessments


• Synthesize complex technical details for presentation to non-technical decision-makers


• Support the collection and creation of technology metrics, aid in identifying meaningful trends, and effectively report and present metrics to decision-makers

Experience:

• Bachelor’s degree in computer science or similar degree, or equivalent work experience in technology roles


• Demonstrable knowledge of cybersecurity and technology risk management methods and practices from a minimum of 4 years working in a related role



Looking to get Placed? Try our Placement Guarantee Plan

Get Hired
• Demonstrable high quality writing skills for technical, management, and executive audiences


• Demonstrable knowledge of cybersecurity best practices in the areas of identity and access management, intrusion detection and response, secure software development, security architecture, security engineering, and IT compliance


• Experience working with industry standard information security and control frameworks (NIST Cyber Security Framework, 800-53, ISO 27002, CobIT, etc.)


• Experience working with global organizations and global teams


• Professional certifications in cybersecurity or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA, etc.) desired

#LI-MK1 #LI-Hybrid

CME Group: Where Futures Are Made

CME Group (www.cmegroup.com) is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 3,500 employees located around the world, we're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.