Espace Recruteurs

Senior Technology Controls and Compliance Analyst

CME Group
Chicago, États-Unis
Mise en ligne il y a 3 mois CDI Competitive
Senior Technology Controls and Compliance Analyst
Description
The Senior Technology Controls and Compliance Analyst within the Global Information Security (GIS) department will be leading the Development efforts of the IT Automation & Continuous Monitoring Program. The Analyst will provide support to the Compliance Team and their efforts. This position is critical in supporting the IT governance processes established to manage IT risk, ensure critical controls are implemented and operating to avoid audit findings, and ultimately help reduce IT and corporate risk.

Primary Responsibilities:
  • Perform scripting to automate specific controls as required by the IT Automation and Continuous Monitoring Program, using CI tools such as Bamboo
  • Researching industry best practices around automation & monitoring and providing solutions for application automation as new technology becomes available
  • Debugging the system and fixing related issues associated with Scripting in Bamboo and output to GRC tool
  • Handling complex operational tasks and recommending process and technology changes
  • Building, testing, and installing scripts and software in Dev, QA, Prod/DR environment as needed to automate controls supporting complex efforts involving Analysis, Design, Development and testing of various application components
  • Creating accurate, logical, and detailed work-papers clearly describing the work performed, results of testing and conclusions reached
  • Building positive and collaborative business relationships with stakeholders to support effective and efficient management of the controls testing program
  • Maintaining up-to-date knowledge of the company's IT infrastructure, applications, and IT standards
  • Participating in key management discussions and meetings and Prioritization decisions, balancing project deadlines with the occurrence of unanticipated issues
  • Collaborating with immediate team, fostering a positive team culture while meeting project expectations and respecting the work-life quality of team members
  • Providing candid, meaningful feedback in a timely manner to IT Compliance stakeholders as well as control owners, and keeping leadership informed of progress and issues

Key activities include:
  • Performing Scripting of Controls to provide Automation & Monitoring capabilities
  • Performing testing of internal technology controls in support of various regulatory requirements
  • Providing guidance and training to other team members as necessary
  • Preparing metrics related to controls testing progress and present them to stakeholders as required
  • Recommending improvements in IT control & risk processes for potential automation
  • Analyzing and recommending if existing controls meet new/changing best practices, new regulatory or legal obligations or if control enhancements are needed

Qualifications:
  • Expertise in operating windows and Linux environment with good command over any scripting language such as Shell, Perl, Python, etc.
  • Strong Knowledge of CI tools such as Bamboo
  • 4+ years of experience as a developer with experience operating within an SDLC framework in a regulated environment
  • A broad range of knowledge in technologies and environments leveraging operational knowledge of Information Security best practices and industry standards to define the security controls and processes
  • Strong written and verbal communication skills/presentation skills, leadership, and ability to work with diverse teams
  • Experience interfacing with key stakeholders and Security Control owners
  • Experience working with best practice and frameworks such as ISO27001, NIST, COBIT, CFTC, AICPA, ISO/IEC, PCI, FFIEC or equivalent
  • Degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline - or relevant work experience


Preferred
  • Experience as Senior Staff/Senior level consultant, auditor, or Information Security analyst in a professional services firm or large enterprise
  • Participation in the planning and execution of projects in one or more of the following areas: Information Security Risk Management, Technical Compliance, IT Security Audit, Remediation, and/ or IT Risk Management
  • Experience with Governance, Risk and Compliance (GRC) & Audit tools
  • Experience working with CAATs/data analytics tools and technologies such as Cloud, DevOps, Microservices, etc. desirable, but not mandatory
  • CISA / CISSP / CISM / CGEIT / CRISC / ISO27001 certification (one or more)

#LI-JW1 #LI-Hybrid

CME Group: Where Futures Are Made

CME Group (www.cmegroup.com) is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 3,500 employees located around the world, we're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.

The Candidate Privacy Policy can be found here.
Référence  9823715
Plus d'offres de CME Group
CME Group
Sr. Technology Controls and Compliance Analyst
CME Group
New York, USA
il y a environ 1 mois Full time Competitive
CME Group
Sr HR Technology Workday Analyst
CME Group
Chicago, USA
il y a environ 1 mois Full time Competitive
CME Group
Sr. Security Engineer LDAP - IAM
CME Group
Chicago, USA
il y a 8 jours Full time Competitive
CME Group
Sr Software Engineer
CME Group
Chicago, USA
il y a 3 mois Full time Competitive
CME Group
Senior Security Engineer - IAM
CME Group
Chicago, USA
il y a 3 mois Full time Competitive
CME Group
Senior Network Operations Engineer
CME Group
Singapore
il y a 2 jours Full time Competitive
CME Group
Sr Network Ops Engineer
CME Group
Belfast, United Kingdom
il y a 11 jours Full time Competitive
CME Group
IAM Lead LDAP Engineer
CME Group
Washington D.C., USA
il y a 29 jours Full time Competitive
CME Group
IAM - Lead LDAP Engineer
CME Group
Houston, USA
il y a environ 1 mois Full time Competitive
CME Group
IAM - Lead Security Engineer LDAP
CME Group
New York, USA
il y a environ 1 mois Full time Competitive
Offres recommandées