Infrastructure Security Architect
CME Group is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. We're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.
To learn more about what a career at CME Group can offer you, visit us at www.wherefuturesaremade.com .
CME Group Infrastructure Security Architect
provides leadership on security subject matter through design & delivery of integrated solution architectures and development of standards and reference architectures. By adding your experience and extensive knowledge on multiple technologies and solutions to the team's collective skills and experience we further enhance our ability to provide secure technical design recommendations that target on delivering business value through successful project and program delivery.
position will participate in all functions related to Infrastructure Security Architecture, including: infrastructure security strategy and roadmap planning, acting as a security liaison to the business, and help facilitate demand management.
This role requires a high level of technical expertise in multiple Infrastructure and Information Security disciplines, including: networking, virtualization, identity and access management (IAM), directory services (LDAP/AD), cloud computing (AWS, GCP, Azure), containers, databases, security stack technologies (IDS/IPS, SIEM, etc.), and a basic understanding of security and regulatory frameworks (CIS, NIST, RegSCI, HIPAA, etc.).
In addition to technical prowess, the role will require mentorship, design guidance, and consultation to drive change and support the evolution of CME Group.
As a leader on the Global Information Security team (GIS), the incumbent is expected to remain engaged with and support other leaders across GIS and Technology to ensure the timely delivery of security and business solutions. Principal Accountabilities
- Consult with business teams on secure infrastructure design. Perform infrastructure security assessments to identify security design gaps. Work with project teams to plan the remediation of findings.
- Lead the creation and maintenance of standards, patterns, and reference architectures. Standards may be required for CME Group to comply with regulatory requirements set forth by various regulatory bodies that provide oversight to CME Group business functions. Reference architectures provide direction and guidance on proper compliance with these defined standards.
- Act as the lead architect for security projects. Work with teams to gather requirements, evaluate new technologies, plan the implementation of new security services and capabilities, and improve the maturity of existing capabilities. Participate in the development of security roadmaps and champion GIS' vision with business partners and IT staff.
- Participate in and contribute to architecture working groups, change advisory boards, and steering committees. Prepare reports for senior management including presentations, metrics, and other documentation required to support architecture and governance work.
- Assist in planning the remediation of assessment, audit, and regulatory findings.
- Communicate and collaborate with cross-functional peers outside of the Technology Division, including General Counsel, Records Retention, Global Assurance, Enterprise Risk Management, Third Party Risk Management, and other business unit leadership.
- Interact with industry peers from other systemically important financial market utility (SIFMU) organizations, research organizations, solution providers, etc.
- Actively participate in Communities of Practice to ensure effective adoption of security and continuous improvement of security efforts
- Act as an advocate for security and lead efforts to promote security awareness at all levels of the organizations
- Ensure that all risk considerations are identified and addressed with new and modified services
A Bachelor's or Master's degree in Computer Science, Information Systems or other related field; or equivalent work experience. Experience
- 10+ years of security analysis, design and service development OR demonstrated ability to meet job requirements through a comparable number of years of technical work experience
- 7+ years of experience as an enterprise and/or security architect in publicly traded companies or finance/technology industry; or minimum 7 years as a consultant to such companies at a commensurate level.
- 5+ years performing reviews of infrastructure for security vulnerabilities and threat modeling
- Experience with or deep exposure to the financial industry, focused on clearing or trading
- Demonstrable knowledge of a broad range of Information Security technologies and practices
- Demonstrable, impeccable writing skills for technical, management, and executive audiences
- Demonstrable communication capabilities including oral presentation and ability to present in front of executive leadership
- Demonstrable experience coordinating multiple concurrent issues, in high-pressure situations
- Advanced knowledge of infrastructure security assessments
- Experience with application interdependency and infrastructural design
- Experience with scripting languages
- Experience with drafting of standard, reference architecture, policies, procedures and implementation guidelines
- Extensive experience with the Build Security In Maturity Model (BSIMM) methodology and assessment process
- High understanding of entire development process, including specification, documentation and quality assurance
- High degree of understanding in the theories, methodologies and principals underlying secure technical analysis, design and implementation of secure networks, applications, systems, and databases
- Candidates must have proven ability to build value propositions, business cases, & drive results as part of a larger project or program team
- Relevant experience designing, implementing, and supporting large scale solutions
- High degree of understanding with Cryptographic Services
- Experience with Amazon Web Services, Google Cloud, or Microsoft Azure
- Preferred: one or more certifications, including: GSEC, CISSP, CISA, GIAC, GPEN, PMP, MCSE, GCIA, GCIH