Description Principal Accountabilities: -Coordinate the development of information security policies, standards and procedures. Work with IT departments and data custodians in the development of such policies. Ensure policies support compliance with external requirements. -Oversee the dissemination of policies, standards and procedures. Coordinate the development and delivery of an education and training program on information security and privacy matters for employees/contractors. Assist in developing and implementing an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation and oversee vulnerability testing. Assist in implementing information security policies and procedures for the organization. Ensure Global Information Security - Operations Team conforms to information security policies, standards, laws and regulations. Conduct reviews and audits to ensure compliance for information security Policies and Procedures. Monitor compliance with information security policies and procedures, referring problems to the appropriate department manager. Analyze Technology and -Enterprise Computing controls and provide recommendations for improvements in accordance with frameworks. Engage CME Group Internal Audit, CME Group Compliance, CME Group's external auditors, Technology and Enterprise Computing Division Management and Staff to ensure effective communication and reporting transparency for Global Information Security Projects and Programs. Assist with reporting and communicating at a strategic level on efforts within IT Risk and IT Change Management programs. -Analyze and make suggestions for enhancements to these programs while ensuring industry best practices and standards. Assist with implementing portions of ISO 27001 and an ISMS. Assist with internal investigations. Assist with implementation of Identify and Access Governance tool. Keep abreast of latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities pertaining to CME Group and its mission. Assist with Security Awareness Program and ongoing education. Assist in defining processes within the Assurance and Security Management areas of the Global Information Security Department. Ad hoc requests.
Skills & Software Requirements:
Minimum of six years of experience in information security, information technology, IT compliance, IT Internal Audit or related field. Working knowledge of policy and regulatory environment of information security. Excellent project management, written and oral communications skills desired. Ability to work collaboratively with a broad range of constituencies essential.
Knowledge and understanding of various IT platforms and databases including Unix, Solaris, Linux, Windows, Oracle and Networking. A Bachelor's degree and working towards a CISSP, Security+, CISA or CISM. Knowledge of risk management practices and programs required.
CME Group is committed to offering a competitive total rewards package for our employees that recognizes their contributions to the business and reflects our long-term investment in their future. The salary range for this role is $117,800-$196,400. Actual salary offered will be dependent on a wide array of factors including but not limited to: relevant experience, skills, education and comparison to internal employees (where relevant). Our compensation program also includes an annual target bonus opportunity for all employees, as well as the opportunity to become an owner in the company through our broad-based equity program. Through our Benefits program, we strive to offer flexibility, value and choice. From comprehensive health coverage, to a retirement package that includes both a 401(k) and an active Pension Plan, to highly competitive education reimbursement provisions, paid time off and a mental health benefit, CME Group offers a holistic Benefits package for our team and their dependents.
CME Group: Where Futures Are Made
CME Group (www.cmegroup.com) is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.
This position requires that you be fully vaccinated against COVID-19 by the date of hire. Proof of vaccination will be required as a condition of employment. CME Group complies with federal, state and local laws with respect to providing accommodations for individuals who are unable to receive the vaccine due to a medical condition or religious belief.