Information Governance Risk Management, Sr. Analyst
CME Group is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. We're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.
To learn more about what a career at CME Group can offer you, visit us at www.wherefuturesaremade.com .
This position supports the broader Information Governance team, which includes privacy/confidentiality, records and information management, and eDiscovery. This role is specifically responsible for understanding, assessing and timely communicating Information Governance risks associated with CME Group initiatives, technology, and third-party vendors. Assessments include adherence with relevant to laws, regulations, and industry standards. This role will also be responsible for conducting training and awareness activities as required in response to the assessment process. Responsibilities and Duties
Qualifications and Experience:
- Conduct assessments to determine the capabilities for managing data in accordance with company policies, procedures, and standards. (e.g. Third-Party Vendors, Software, on premises technology deployments, internal data use and access, operational initiatives).
- Timely and collaboratively identify, document and communicate vulnerabilities and risks associated with managing data and provide solutions for remediation.
- Work within broader GIS and TPRM team efforts to ensure Information Governance risks are aligned to all efforts.
- Identify dates for remediation and monitor progress for the identified vulnerabilities and risks. Provide management with periodic updates on remedial efforts.
- Ensure the identified risks are in alignment with the Enterprise Risk Management program.
- Advance the information governance assessment program, facilitating in the identification and risk reduction of information governance risks.
- Demonstrate and understanding of business processes, policies, procedures, governance practices and regulatory requirements.
- Keep abreast of industry developments, such as standards and technology to help harden the organization's ability to protect information and comply with industry standards.
- Participate in continuing education, seminars, and professional organizations to maintain up-to-date knowledge of new issues and regulatory developments.
- Participate in and conduct training and awareness activities for the organization.
- Bachelor's degree. (e.g., Computer Information Systems, Computer Science, Information Systems Management, Privacy, Records Management) or equivalent educational or professional experience and/or qualifications.
- Familiarity with privacy and record keeping laws, data protection/security regulations, and eDiscovery frameworks.
- Client focused and responsive, able to meet deadlines and execute as part of a cross-functional team.
- Demonstrable audit, risk and/or compliance experience preferred
- Experience completing audits, risk assessments, and remediation management.
- Experience with RSA Archer Vendor Management tool and SharePoint Administration a plus
- Strong communication, facilitation, and relationship building skills
- Comfortable dealing with all levels of management
- Strong analytical, problem-solving skills and troubleshooting skills
- Technical skills, required
- Strong written and oral communication skills
- Highly self-motivated and directed, with keen attention to detail
- Highly organized with excellent time management and related organizational skills, including appropriate sense of urgency, a proactive approach, and a suitable ability to anticipate and manage project lifecycle events, issues and obstacles