2022 is an exciting year for technology professionals to join CME Group following the recent $1bn equity investment from Google. CME Group has also agreed a long-term partnership with Google to migrate our technology infrastructure to Google Cloud in a visionary partnership to transform the global derivatives markets through technology.
"Bringing together CME Group's best-in-class financial talent with Google Cloud's deep engineering expertise will help accelerate technological innovation in capital markets infrastructure." - Thomas Kurian, CEO, Google Cloud.
Our highly skilled technology professionals will continue to design, develop and support the world's leading and most diverse derivatives marketplace, and with the upcoming migration to Google Cloud and the launch of several new products and services, there has never been a more exciting time join CME Group.
The IT Compliance Analyst ill have day-to-day responsibilities to fulfill and support the IT Compliance & Controls mission, including analysis of IT Control Framework assessments, analysis of IT Control gaps, assistance in remediation planning and tracking, analyzing legal or regulatory obligations (pending or enacted) for impact to existing baseline controls & test procedures, performing the IT compliance assurance function, evaluating the results of control owner self-assessments/control testing and recommend remediation steps, providing awareness of the IT control & risk frameworks, assisting in updating the IT Control Library & Control Plans to reflect the current CME operating environment & regulatory landscape. Incumbent will support IT compliance obligations as required, e.g. provide assistance in Global Assurance audits.
The Incumbent will be responsible for:
Learning and understanding the function and goals of the CME Group Technology Compliance Team
Assessing the control implementation via defined test procedures and determining if controls are designed and operating as expected
Analyzing and determining if existing controls are sufficient to meet new regulatory or legal obligations or if control enhancements are needed
Deciding how authoritative source changes impact existing control plans & test procedures
Helping to determine training/education needs (based on interaction with control plan owners)
Helping assess the risk of controls not implemented
Participating in application testing
Performing audits of technology projects
Recommending remediation actions.
The Incumbent will follow common approaches for interacting with IT control owners while helping establish new approaches where precedent doesn't exist in handling IT controls & associated risks. Given the current control environment, precedents will need to be established to determine how to properly respond, leaning on defined controls but helping to establish the compliance culture.
In this role the Incumbent will be expected to:
Recommend remediation actions for findings
Decide on degree controls are operating based on independent assessment of test procedure results
Recommend improvements in IT control & risk processes for potential automation.
Decisions will generally be reviewed by IT Compliance Lead Analyst, IT Compliance Manager, and/or Sr. Director.
This position, along with others being initiated, are critical for ensuring the implementation and operation of the IT compliance & risk management function while evolving the tools, processes and methodology established in the IT Control & Risk Framework initiative. The Incumbents ability to operate, enhance & assure IT controls will have a direct impact on reducing the overall IT and corporate risk.
Demonstrated proven success in a role that emphasizes a thorough knowledge of technical aspects of the following areas:
IT Risk Management,
Technical Privacy, and/or
Demonstrated knowledge of performing IT Risk & Security assessments across a broad range of technologies, leveraging thorough technical and operational knowledge of Information Security best practices and industry standards to define the security controls and processes.
Demonstrated knowledge and/or exposure to the common issues facing the financial services market including privacy and regulatory concerns.
Demonstrated abilities with the utilization of network and application security assessment tools and methodologies to manage and address security and control issues
Demonstrated experience participating in key management discussions and meetings, preparing concise, accurate documents and balancing project deadlines with the occurrence of unanticipated issues
Strong written and verbal communication and presentation skills, leadership, and ability to work with diverse teams
Experience as a Staff/Senior level consultant, auditor, or Information Security analyst in a professional services firm or large enterprise, which includes:
Interfacing with key stakeholders on control solutions
Participating in the planning and execution of projects in the following areas:
IT Security Audit,
Remediation, and / or
IT Risk Management.
Experience working with NIST, COBIT, CFTC, AICPA, ISO/IEC, PCI, FFIEC, etc.
General proficiency as user of GRC & Audit tools
Experience in developing automation within security tools
Experience in developing solutions to mitigate security vulnerabilities
Minimum Education/Experience Requirements:
Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
Incumbents who can clearly demonstrate transferable work experience skills from a previous role will be considered
Minimum Experience Requirements:
Experience in general accounting and/or working as a Staff/Senior level IT analyst, IT auditor, or IT risk adviser for a financial institution, public accounting firm (Big 4 preferred), or a professional services firm, performing IT Controls, IT Risk Management, and/or IT Internal Audit including experience in Information Security.
or other related certifications completed or pursuing
CME Group: Where Futures Are Made
CME Group (www.cmegroup.com) is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 2,500 employees located around the world, we're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.