Tech Risk Mgmt Analyst II

2 Months ago • 4-6 Years • Risk Management

Job Summary

Job Description

The Global Information Security (GIS) Technology Risk Management Analyst will collaborate with peers in Global Information Security (GIS) and across the Technology Division to identify, assess, monitor, and communicate third-party technology risks, supporting the Third Party Risk Management (TPRM) program. Responsibilities include assessing information security risks, authoring risk assessment documents, participating in working groups, and contributing to the improvement of TPRM methods and processes. The analyst will also provide advisory services to the IT Management Team and assist in preparing management reports. The role requires strong problem-solving skills, including the ability to analyze complex technical details and synthesize them for non-technical stakeholders, and make recommendations for risk treatment and remediation.
Must have:
  • Bachelor's Degree or equivalent experience
  • Experience in InfoSec, Enterprise Architecture, or IT Compliance
  • Knowledge of InfoSec technologies and practices
  • Impeccable writing skills for technical and executive audiences
Good to have:
  • Knowledge of InfoSec risk management methods
  • Experience with operating GRC solutions
  • Professional certification in InfoSec or Risk Management

Job Details

The Global Information Security (GIS) Technology Risk Management Analyst will work with peers in Global Information Security (GIS) and across the Technology Division to ensure that third party technology risks are properly identified, assessed, monitored, and communicated in support of the overall Third Party Risk Management (TPRM) program. The Analyst will assist with the continuous improvement and daily operation of the GIS Third Party Risk Management (GIS TPRM) program.

Responsibilities Include:

  • Work with peers to identify and assess Information Security risks
  • Conduct risk assessments using CME Group’s established GIS Third Party Risk Management assessment process
  • Collaboratively author and edit various assessment related documents including Deficiencies Observed, Summary of Work, Risk Advisory Memos, exceptions from GIS technical policies and standards, and other related output resulting from risk adjudication activities
  • Participate in and contribute to various working groups across the Technology Division, including, but not limited to, Third Party Risk Management working group, Governance, Risk Management, and Compliance (GRC) working group, etc.
  • Assist the GIS TPRM function with:
    • Continuous improvement and maturation of the methods, instrumentation, training, documentation, and processes required to properly manage third party technology risks
    • Providing advisory and consulting services to the Information Technology Management Team related to InfoSec risks, treatment strategies, and decision-making
    • Assist in the preparation of management reports, presentations, metrics, and other documentation required to support governance functions
    • Assist in compiling and delivering business and operational metrics at regular intervals
    • Promoting a culture of risk awareness and accountability through training, education, and risk management consultative support
  • Problem Solving:
    • Objectively assess the impact, likelihood, and velocity of identified risks
    • Objectively advise on any number of controls that will mitigate risk while not imposing undue burden on those who must implement the controls
    • Drive objectivity and build consensus among stakeholders with widely divergent perspectives and drivers
    • Rapidly analyze complex technical details
    • Synthesize detailed analysis into a “big picture” view that can be easily understood by non-technical stakeholders in order to support risk-based decision-making for senior managers within the company
  • Decision Making:
    • Recommend risk treatment decisions
    • Recommend remediation actions when risk mitigation is desired
    • Recommend improvements to methods, instrumentation, training, documentation, and processes
    • Recommend solutions for automating and streamlining GIS TPRM risk management practices
  • Working Relationships:
    • Interacts with peers across all elements of the Technology Division
    • Communicate regularly with cross-functional peers outside of the Technology Division, including Legal, Information Governance, Global Operations, Global Assurance (Internal Audit), Enterprise Risk Management, Third Party Risk Management, and other business unit leadership
    • Interact occasionally with industry peers from other Systemically Important Financial Market Utilities (SIFMU’s), research organizations, solution providers, etc.

Required Experience:

  • Bachelor’s Degree or equivalent experience
  • Minimum of 4 to 6 years of relevant experience in publicly traded companies or finance/technology industry operations with third party risk management experience a plus
  • Experience in at least two of the following: InfoSec (Operations, Program Management, Governance, Risk Management, etc.), Enterprise Architecture, Identity & Access Management, Application Development, Infrastructure & Operations, IT Compliance, or Internal Audit
  • Experience working with industry based information security and / or control frameworks (NIST Cyber Security Framework, ISO 27002, COBIT, etc.)
  • Demonstrable knowledge of a broad range of InfoSec technologies and practices
  • Demonstrable, impeccable writing skills for technical, management, and executive audiences

Additional preferred experience:

  • Demonstrable knowledge of InfoSec risk management methods and practices
  • Experience with operating GRC solutions
  • Professional certification in InfoSec or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA, etc.)

CME Group: Where Futures are Made

CME Group is the world’s leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.

At CME Group, we embrace our employees' unique experiences and skills to ensure that everyone’s perspectives are acknowledged and valued. As an equal-opportunity employer, we consider all potential employees without regard to any protected characteristic.

Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Learn more here.

Similar Jobs

Deepgram - Head of FP&A

Deepgram

California, United States (Remote)
2 Weeks ago
We are social - Public Relations Director (PR Director)

We are social

Bangkok, Thailand (Hybrid)
2 Months ago
Tencent - Executive Producer

Tencent

Frankfurt Am Main, Hessen, Germany (On-Site)
3 Months ago
USE Insider - Account Executive - Mexico

USE Insider

Mexico City, Mexico (Hybrid)
3 Months ago
Apple - Sr Engineering Program Manager, Siri Feature Quality

Apple

Seattle, Washington, United States (On-Site)
1 Month ago
Fi - Team Lead-Risk Operations (Transaction Monitoring)

Fi

Bengaluru, Karnataka, India (On-Site)
1 Year ago
Ion - Senior Risk Analyst, Italy

Ion

Pisa, Tuscany, Italy (On-Site)
9 Months ago
Go Fund Me - Risk Analyst II

Go Fund Me

United States (Remote)
2 Weeks ago
OKX - Senior Compliance Manager (Risk Assessment)

OKX

New York, United States (On-Site)
2 Weeks ago
Ion - Junior Consultant - Risk Advisory, Italy

Ion

Milan, Lombardy, Italy (On-Site)
9 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

NVIDIA - Manager, Prepaid Asset Accounting

NVIDIA

Santa Clara, California, United States (On-Site)
4 Months ago
Ettain Group - Ruby On Rails Developer

Ettain Group

Westlake, Texas, United States (On-Site)
10 Years ago
Diligent Corporation - Director, Product Marketing (Platform)

Diligent Corporation

Vancouver, British Columbia, Canada (Hybrid)
2 Weeks ago
Autodesk - Principal Security Engineer, Device Trust

Autodesk

Toronto, Ontario, Canada (On-Site)
1 Month ago
AI Fund - Senior Recruiter

AI Fund

Antioquia, Colombia (Hybrid)
3 Months ago
Quickspin - Sales Director

Quickspin

Malta (Hybrid)
7 Months ago
Qualcomm - Program Manager, Senior

Qualcomm

Suwon-si, Gyeonggi-do, South Korea (On-Site)
2 Months ago
Ion - Credit Data Analyst

Ion

Mumbai, Maharashtra, India (On-Site)
4 Months ago
Epic Games - Lead Rendering Programmer

Epic Games

(On-Site)
3 Months ago
Palo Alto Networks - Director, Technical Customer Support

Palo Alto Networks

São Paulo, State Of São Paulo, Brazil (On-Site)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Jobs in Bengaluru, Karnataka, India

Nasdaq - Senior Specialist – Workday Integrations

Nasdaq

Bengaluru, Karnataka, India (Hybrid)
2 Months ago
Qualcomm - Kernel Debug Engineer

Qualcomm

Hyderabad, Telangana, India (On-Site)
2 Months ago
Springer Group - Managing Editor

Springer Group

Pune, Maharashtra, India (On-Site)
2 Weeks ago
Zones - Storage and Datacentre Solution Architect

Zones

Mumbai, Maharashtra, India (On-Site)
5 Months ago
Saviynt - Staff Technical Support Engineer - SAP

Saviynt

Bengaluru, Karnataka, India (Hybrid)
9 Months ago
bytedance - Quality Analyst - ADSEO (Safety)

bytedance

Gurugram, Haryana, India (On-Site)
5 Months ago
Saxo Bank - Senior Database Administrator

Saxo Bank

Gurugram, India (On-Site)
2 Months ago
Lakshya Digital - Dot Net Developer

Lakshya Digital

Haryana, India (On-Site)
4 Months ago
Kwalee - Lead Growth Manager

Kwalee

Bengaluru, Karnataka, India (On-Site)
3 Months ago
Alphawave Semi - Design Verification Engineer

Alphawave Semi

Bengaluru, Karnataka, India (On-Site)
1 Year ago

Get notifed when new similar jobs are uploaded

Risk Management Jobs

Ion - Senior Consultant - Risk Advisory, Italy

Ion

Turin, Piedmont, Italy (On-Site)
9 Months ago
Visa - Head of Risk Consulting, Visa Consulting & Analytics, CISSEE

Visa

Almaty, Almaty Region, Kazakhstan (On-Site)
9 Months ago
OKX - Compliance Manager (Policy / Risk Assessment)

OKX

New York, United States (On-Site)
1 Week ago
Marsh McLennan - Senior Manager, Risk Advisory

Marsh McLennan

Sydney, New South Wales, Australia (Hybrid)
1 Month ago
OKX - Senior Associate, Fraud Risk

OKX

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
2 Months ago
Bosch Group - Manager - Export Control Governance and Risk Management

Bosch Group

Washington, District Of Columbia, United States (On-Site)
1 Month ago
Aspire - Strategy & Operations Lead (Operational Risk)

Aspire

Singapore, Singapore (Hybrid)
2 Weeks ago
Ion - Senior Risk Analyst, Italy

Ion

Collecchio, Emilia-Romagna, Italy (On-Site)
9 Months ago
Jane Street - Technology Governance & Risk Specialist

Jane Street

London, England, United Kingdom (On-Site)
2 Months ago
Ion - Credit Risk Analyst, Italy

Ion

Milan, Lombardy, Italy (Hybrid)
9 Months ago

Get notifed when new similar jobs are uploaded

About The Company

As the world’s leading derivatives marketplace, CME Group is where the world comes to manage risk. We enable clients to trade futures, options, cash and OTC markets, optimize portfolios, and analyze data – empowering market participants worldwide to efficiently manage risk and capture opportunities. CME Group exchanges offer the widest range of global benchmark products across all major asset classes based on interest rates, equity indexes foreign exchange energy agricultural products and metals. We meet uncertainty and volatility with confidence and clarity, across the trading lifecycle and around the world.

Chicago, Illinois, United States (On-Site)

Belfast, Northern Ireland, United Kingdom (Hybrid)

Chicago, Illinois, United States (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Chicago, Illinois, United States (Hybrid)

Bengaluru, Karnataka, India (On-Site)

Singapore (On-Site)

View All Jobs

Get notified when new jobs are added by CME Group

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug