Tech Risk Mgmt Analyst III - India

CME Group

3-5 Years | Bangalore, Karnataka, India (On Site) | Full Time | 1 day ago
Apply Now

Job Summary

The Global Information Security (GIS) Technology Risk Management Analyst III will work with peers in GIS and across the Technology Division to ensure that cybersecurity and technology risks are properly identified, assessed, adjudicated, and communicated in support of the overall GIS Risk Management program. As part of the GIS Risk Management team, the analyst will work with a broad range of technology and non-technology stakeholders to help CME record and remediate risks. Key accountabilities include supporting CME Group’s technology and cybersecurity risk management function, identifying and assessing risks, developing remediation plans, fostering risk awareness, and contributing to continuous improvement and regulatory compliance activities.

Must Have

  • Support CME Group’s technology and cybersecurity risk management function
  • Work collaboratively to identify and assess risks related to confidentiality, integrity, and availability of technology systems and information
  • Develop and document remediation plans with risk owners and technical peers
  • Foster a culture of risk awareness and accountability
  • Contribute to the continuous improvement of Risk Management policies and procedures
  • Contribute to regulatory compliance activities including annual enterprise technology risk assessments
  • Synthesize complex technical details for presentation to non-technical decision-makers
  • Support the collection and creation of technology metrics, aid in identifying meaningful trends
  • Objectively assess the impact, likelihood, velocity, and magnitude of identified risks
  • Objectively advise on technical controls that will mitigate risk
  • Drive objectivity and build consensus among stakeholders with widely divergent perspectives and drivers
  • Rapidly analyze complex technical details
  • Synthesize detailed analysis into a “big picture” view for senior managers
  • Bachelor’s degree in computer science or similar, or 4+ years equivalent work experience in technology roles
  • 3-5+ years of experience in cybersecurity and technology risk management or compliance
  • 3-5+ years of experience with industry standard information security and control frameworks (NIST Cyber Security Framework, 800-53, ISO 27002, CobIT)
  • Demonstrable high quality oral and written communications skills
  • Demonstrable knowledge of cybersecurity and IT best practices in identity and access management, intrusion detection and response, secure software development (including Agile), security architecture, security engineering, and IT compliance

Good to Have

  • Experience working with global organizations and global teams
  • Experience in the Financial sector
  • Professional certifications in cybersecurity or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA)
  • Knowledge and/or experience with Cyber Risk Quantification (CRQ) and the Factor Analysis of Information Risk (FAIR™) framework and standard

Job Description

The Global Information Security (GIS) Technology Risk Management Analyst III will work with peers in GIS and across the Technology Division to ensure that cybersecurity and technology risks are properly identified, assessed, adjudicated, and communicated in support of the overall GIS Risk Management program.

As part of the GIS Risk Management team, the analyst will work with a broad range of technology and non-technology stakeholders to help record and remediate risks.

Accountabilities:

  • Support Group’s technology and cybersecurity risk management function
  • Work collaboratively with technology and business partners to identify and assess risks related to the confidentiality, integrity, and availability of technology systems and information
  • Develop and document remediation plans with risk owners and technical peers to address identified risks, including recommendations for technology and process controls
  • Foster a culture of risk awareness and accountability through continuous engagement with stakeholders throughout the risk management and finding management life cycle
  • Contribute to the continuous improvement of Risk Management policies and procedures
  • Contribute to regulatory compliance activities including annual enterprise technology risk assessments
  • Synthesize complex technical details for presentation to non-technical decision-makers
  • Support the collection and creation of technology metrics, aid in identifying meaningful trends, and effectively report and present metrics to decision-makers

Problem Solving:

  • Objectively assess the impact, likelihood, velocity, and magnitude of identified risks
  • Objectively advise on any number of technical controls that will mitigate risk will not imposing undue burden on those who must implement the controls
  • Drive objectivity and build consensus among stakeholders with widely divergent perspectives and drivers
  • Rapidly analyze complex technical details
  • Synthesize detailed analysis into a “big picture” view that can be easily understood by non-technical stakeholders in order to support risk-based decision-making for senior managers within the Technology Division

Decision Making:

  • Recommend risk treatment decisions
  • Recommend ranges of controls when risk mitigation is desired
  • Recommend improvements to methods, instrumentation, training, documentation, and processes

Working Relationships:

  • Daily interaction with peers across the Technology Division.

Experience:

  • Bachelor’s degree in computer science or similar degree, or equivalent work experience (4+ years) in technology roles
  • 3-5+ years of experience working in a cybersecurity and technology risk management or compliance role
  • 3-5+ years of experience working with industry standard information security and control frameworks (NIST Cyber Security Framework, 800-53, ISO 27002, CobIT, etc.)
  • Demonstrable high quality oral and written communications skills for technical, management, and executive audiences
  • Demonstrable knowledge of cybersecurity and IT best practices in the areas of identity and access management, intrusion detection and response, secure software development (including Agile), security architecture, security engineering, and IT compliance
  • Experience working with global organizations and global teams, experience in the Financial sector preferred
  • Professional certifications in cybersecurity or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA, etc.) desired
  • Knowledge and/or experience with Cyber Risk Quantification (CRQ) and the Factor Analysis of Information Risk (FAIR™) framework and standard desirable but not required

: Where Futures are Made

is the world’s leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.

At , we embrace our employees' unique experiences and skills to ensure that everyone’s perspectives are acknowledged and valued. As an equal-opportunity employer, we consider all potential employees without regard to any protected characteristic.

Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Learn more here.

6 Skills Required For This Role

Team Management Risk Management Risk Mitigation Talent Acquisition Game Texts Agile Development

Similar Jobs

Risk Management

Analyst, Investment Risk Management
BlackRock • Philadelphia, Pennsylvania, United States (Hybrid)
1 day ago
IN_Senior Associate_ITGC_Cyber Risk & Regulations_Advisory_Bangalore
PwC • Bangalore, Karnataka, India (On Site)
1 day ago
IN_Associate_KYC/AML_Third-party risk_Advisory_Bangalore
PwC • Bangalore, Karnataka, India (On Site)
1 day ago
Exposure Management Consultant
Thales • Canberra ACT, Australia (Remote)
1 day ago
IT Risk & Compliance Analyst
Kforce Inc • Draper, Utah, United States (On Site)
2 days ago
Vice President/Director, Asset-Allocation Model Portfolio Manager, Multi-Asset Strategies & Solutions (MASS)
BlackRock • Mexico City, Mexico (Hybrid)
2 days ago
Associate, Researcher & Portfolio Manager, Multi-Asset Strategies & Solutions (MASS)
BlackRock • Mexico City, Mexico (Hybrid)
2 days ago
Associate, Custom Models Solution Business (CMS) Client Portfolio Manager, Multi-Asset Strategies & Solutions (MASS)
BlackRock • San Francisco, California, United States (Hybrid)
2 days ago
Financial Services Risk and Regulatory Advisory, Senior Associate
PwC • Toronto, Ontario, Canada (On Site)
2 days ago
Manager, Assurance, Risk & Compliance
GoDaddy • India (Remote)
2 days ago

Finance & Legal

Financial Services Analyst
Cubic corporation • Hyderabad, Telangana, India (On Site)
1 day ago
Senior Manager, Marketing Finance (FP&A)
enduring games • London, United Kingdom (On Site)
1 day ago
Project Financial Advisor
WSP • On Site
1 day ago
Senior Cost and Proposal Analyst (Remote)
Quest Global • Vergennes, Vermont, United States (Remote)
1 day ago
Tax Accountant
Kforce Inc • Providence, Rhode Island, United States (Hybrid)
1 day ago
Audit Managers - Real Estate
Kforce Inc • New York, New York, United States (On Site)
1 day ago
Tax Manager
Kforce Inc • North Attleborough, MA, United States (On Site)
1 day ago
Associate, Know Your Client & Client Onboarding
BlackRock • Taipei City, Taiwan (On Site)
1 day ago
Associate, Financial Consolidation Architect (Oracle FCCS)
BlackRock • Atlanta, Georgia, United States (Hybrid)
1 day ago
Treasury, Analyst
BlackRock • Bangalore, Karnataka, India (Hybrid)
1 day ago