For Recruiters

Senior Technology Controls and Compliance Analyst

CME
Chicago, United States
Posted about 1 month ago Permanent Competitive
Senior Technology Controls and Compliance Analyst
Description
The Senior Technology Controls and Compliance Analyst within the Global Information Security (GIS) department will be leading the Development efforts of the IT Automation & Continuous Monitoring Program. The Analyst will provide support to the Compliance Team and their efforts. This position is critical in supporting the IT governance processes established to manage IT risk, ensure critical controls are implemented and operating to avoid audit findings, and ultimately help reduce IT and corporate risk.

Primary Responsibilities:
  • Perform scripting to automate specific controls as required by the IT Automation and Continuous Monitoring Program, using CI tools such as Bamboo
  • Researching industry best practices around automation & monitoring and providing solutions for application automation as new technology becomes available
  • Debugging the system and fixing related issues associated with Scripting in Bamboo and output to GRC tool
  • Handling complex operational tasks and recommending process and technology changes
  • Building, testing, and installing scripts and software in Dev, QA, Prod/DR environment as needed to automate controls supporting complex efforts involving Analysis, Design, Development and testing of various application components
  • Creating accurate, logical, and detailed work-papers clearly describing the work performed, results of testing and conclusions reached
  • Building positive and collaborative business relationships with stakeholders to support effective and efficient management of the controls testing program
  • Maintaining up-to-date knowledge of the company's IT infrastructure, applications, and IT standards
  • Participating in key management discussions and meetings and Prioritization decisions, balancing project deadlines with the occurrence of unanticipated issues
  • Collaborating with immediate team, fostering a positive team culture while meeting project expectations and respecting the work-life quality of team members
  • Providing candid, meaningful feedback in a timely manner to IT Compliance stakeholders as well as control owners, and keeping leadership informed of progress and issues

Key activities include:
  • Performing Scripting of Controls to provide Automation & Monitoring capabilities
  • Performing testing of internal technology controls in support of various regulatory requirements
  • Providing guidance and training to other team members as necessary
  • Preparing metrics related to controls testing progress and present them to stakeholders as required
  • Recommending improvements in IT control & risk processes for potential automation
  • Analyzing and recommending if existing controls meet new/changing best practices, new regulatory or legal obligations or if control enhancements are needed

Qualifications:
  • Expertise in operating windows and Linux environment with good command over any scripting language such as Shell, Perl, Python, etc.
  • Strong Knowledge of CI tools such as Bamboo
  • 4+ years of experience as a developer with experience operating within an SDLC framework in a regulated environment
  • A broad range of knowledge in technologies and environments leveraging operational knowledge of Information Security best practices and industry standards to define the security controls and processes
  • Strong written and verbal communication skills/presentation skills, leadership, and ability to work with diverse teams
  • Experience interfacing with key stakeholders and Security Control owners
  • Experience working with best practice and frameworks such as ISO27001, NIST, COBIT, CFTC, AICPA, ISO/IEC, PCI, FFIEC or equivalent
  • Degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline - or relevant work experience


Preferred
  • Experience as Senior Staff/Senior level consultant, auditor, or Information Security analyst in a professional services firm or large enterprise
  • Participation in the planning and execution of projects in one or more of the following areas: Information Security Risk Management, Technical Compliance, IT Security Audit, Remediation, and/ or IT Risk Management
  • Experience with Governance, Risk and Compliance (GRC) & Audit tools
  • Experience working with CAATs/data analytics tools and technologies such as Cloud, DevOps, Microservices, etc. desirable, but not mandatory
  • CISA / CISSP / CISM / CGEIT / CRISC / ISO27001 certification (one or more)

#LI-JW1 #LI-Hybrid

CME Group: Where Futures Are Made

CME Group (www.cmegroup.com) is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 3,500 employees located around the world, we're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.

The Candidate Privacy Policy can be found here.
Job ID  9823715
More Jobs From CME
CME
IAM Lead LDAP Engineer
CME
Chicago, USA
7 days ago Full time Competitive
CME
Sr Software Engineer
CME
Chicago, USA
about 1 month ago Full time Competitive
CME
Senior Security Engineer - IAM
CME
Chicago, USA
about 1 month ago Full time Competitive
CME
IAM Senior Security Engineer
CME
Chicago, USA
about 1 month ago Full time Competitive
CME
GRC Analyst
CME
Chicago, USA
6 days ago Full time Competitive
CME
Configuration Engineer III
CME
Belfast, United Kingdom
5 days ago Full time Competitive
CME
Sr. Security Engineer - IAM
CME
Belfast, United Kingdom
11 days ago Full time Competitive
CME
Senior Security Engineer - IAM
CME
Belfast, United Kingdom
about 1 month ago Full time Competitive
CME
IAM Senior Security Engineer
CME
New York, USA
23 days ago Full time Competitive
CME
Senior Security Engineer - IAM
CME
New York, USA
about 1 month ago Full time Competitive
Recommended Jobs
Wellington Management Company, LLP
Client Analyst
Wellington Management Company, LLP
Chicago, United States
Ameriprise Financial, Inc.
Portfolio Implementation Specialist
Ameriprise Financial, Inc.
Chicago, United States
Ameriprise Financial, Inc.
Senior Operations Professional-U
Ameriprise Financial, Inc.
Minneapolis, United States
Ameriprise Financial, Inc.
Business Program Manager
Ameriprise Financial, Inc.
Minneapolis, United States
CME
Tech Specialist Software Eng
CME
Chicago, United States