Lead Security Engineer - DLP
CME Group is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. Weâ€™re small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.
To learn more about what a career at CME Group can offer you, visit us at www.wherefuturesaremade.com .
This is a perfect opportunity for the right person to become a key part of a team of cybersecurity professionals that are executing a pivotal role in protecting and defending the nationâ€™s critical infrastructure. The Lead Security Engineer, CyberDefense Engineering will be part of a team responsible for operating a highly important CyberDefense function. This role focuses on CyberDefense solutions for CMEâ€™s Data Loss Prevention Platform(s) within CyberDefense Engineering â€" Global Information Security. This is a challenging and rewarding opportunity for an individual who is looking for an opportunity in the CyberDefense arena and wishes to grow within an organization. Position Responsibilities
- Participate in the creation and execution of CyberDefense solutions as directed by CyberDefense management and in accordance with CMEâ€™s CyberDefense Roadmap
- Manage projects according to project plans with a keen eye to objective delivery, cost adherence and minimizing risk
- Maintain industry awareness of the CyberDefense product landscape, emerging and rising threat landscape and the latest/newest protocols/techniques/evolution in CyberSecurity/CyberDefense with a focus on Data Protection / Data Loss Prevention
- Create / document complete service designs including, but not limited to technical requirement documents, Proof of Concept use cases, technology engineering documents, service operations guides, etc.
- Perform service transition to requisite service operations organizations and service consumers
Core Fundamental Technology Understanding
- 8+ years in CyberSecurity Engineering / Data Protection
- Solid working knowledge of ITIL (ITIL Certification preferred)
- A good understanding of Industry Security standards (ie: ISO27001/2, NIST Cyber Security Framework, etc.)
- Ability to multi-task
- Practical working knowledge of engineering, implementing, operating and supporting a Data Loss Prevention Platform
- Understanding of end-to-end implications of DLP implementation from business requirements to implementation challenges to constituent education to continual service improvement and support
- Solid understanding of High Availability, System Resiliency, Systems Engineering and Web technologies
- Ability to create roadmaps / vision for the maturity of DLP
- Experience with data protection and cloud tooling (DLP, Data Security, Encryption and CASB)
- A working knowledge of Cloud Security and supporting Technologies (e.g. AWS, Azure, GCP, SaaS, PaaS, DBaaS), particularly Data Loss Prevention within Microsoft O365, Azure Information Protection & AWS
- Proven experience of information protection and data classification technologies, concepts and techniques to classify unstructured and structured data both on-premise and in the cloud.
- Exceptional interpersonal skills; must build strong relationships with partners (internally and externally)
- Strong problem solving and troubleshooting skills with the ability to exercise mature judgment
- Proven execution capabilities. Willingness to creatively ensure mission success. Ability to work under pressure, owning and meeting critical deadlines.
- Strong networking and infrastructure background / understanding of core technologies such as IP Networking, L2/L3 network protocols (OSPF, BGP), LAN/WAN, TCP/IP, OSI Model, route, switch, DNS, DHCP, Domain Controllers, LDAP, SSO, QOS, VLAN, and ACL
- Basic working knowledge of IAM technologies such as AD, AAD, SAML, OAUTH, LDAP, Kerberos, and OpenID
- Basic working knowledge of Access Control and supporting concepts such as the principle of least privilege, RBAC, and MFA