of Skills & Role
As a Security Engineer II - Operations within the Global Information Security (GIS) department, you will be a vital, hands-on contributor to the continuous operation and optimization of our security control infrastructure. You will be expected to leverage your expertise to enhance team efficiency, share knowledge proactively, and ensure the stability, performance, and effectiveness of core security platforms. This role operates within our comprehensive "Follow-the-Sun" support model, requiring seamless collaboration and excellent handover practices with our global GIS teams to ensure 24/7 market protection.
Specific Deployment:
Initial Training Schedule: (First 3-6 months): Until the selected candidate is fully up to speed on our specific technologies and environment, the work schedule will be Monday - Friday business hours, working alongside existing Cyber Defense engineers for onboarding, training and ramp-up.
Target Shift Schedule: This position is essential to completing our 24/7 operational coverage and offers a non-traditional schedule designed for work-life integration. After the initial training period, this role will transition to a compressed work schedule, requiring four (4) eleven-hour shifts per week (10 working hours plus 1 hour for lunch) to cover weekend support, specifically Friday through Monday which grants three consecutive days off every week.
In-Office Requirement: This position requires a minimum 2-day per week in-office presence. Candidates must be within commutable distance of a CME Group office.
Core Responsibilities & Focus
Incident Support & Partnership: Serve as front line escalation and key technical resource during incidents involving Cyber Defense Applications, performing advanced log analysis and containment. Partner with Cyber Defense Monitoring, Incident Response and other IT teams to facilitate swift, coordinated resolution and effective post-incident review.
System Resiliency & Testing: Lead the operational planning and execution of security-related tasks during scheduled System Resiliency (Disaster Recovery) exercises. Fulfill the System Resilience Coordinator (SRC) exercise responsibilities as outlined in the System Resilience Coordinator Procedures. This includes coordination, support, issue management, documentation, and communication to stakeholders.
Change Management & Weekend Coordination: Assume primary responsibility for the execution of assigned security operational task work scheduled during the weekend maintenance window. Represent Cyber Defense as the designated point of contact and actively participate in the weekly Saturday Change Status Bridge call, providing timely updates and security governance oversight for all in-progress changes.
Tool Management & Maintenance: Own the operational health, configuration, and maintenance lifecycle of critical security tools. Collaborate closely with peer and engineering teams across time zones to standardize configurations and ensure global system availability.
Operational Automation & Knowledge Sharing: Develop and deploy automation scripts (Python, PowerShell) to streamline repetitive security tasks. Actively mentor and train teammates on new tooling and automation practices to uplift the global team's engineering capabilities.
Tuning & Optimization: Proactively tune security controls to minimize false positives and maximize threat detection accuracy, sharing all performance improvements and best practices with the broader security engineering community.
Documentation & Standards: Periodically review and maintain comprehensive operational documentation, runbooks, and configuration guides to ensure consistent and auditable security practices, focusing on clarity for use by global teams.
Required Competencies
Proven experience (typically 3+ years) managing and operating enterprise-level security technologies in a high-stakes, regulated environment.
Scripting and automation experience a plus (Python preferred) for security tool interaction and daily operations.
Communication and Collaboration Demonstrated ability to communicate clearly and collaborate effectively across different technical teams, and to provide professional guidance and technical clarity for non-technical consumers from various international locations.
Practical expertise with Linux and Windows operating system security and hardening best practices.
Solid understanding of networking and security protocols (TCP/IP, DNS, TLS) relevant to troubleshooting operational security issues.
Experience supporting Cloud Security Operations (GCP/AWS/Azure) is highly desirable.
Education: Bachelor's degree in Computer Science, Information Security, or a related technical field is preferred. Relevant experience may substitute for a degree.
Certifications (Preferred): Relevant industry certifications such as CompTIA Security+, GSEC, GIAC (e.g., GCIH, GCIA), or relevant Cloud Security certifications (e.g., GCP Professional Security Engineer) are highly desirable.
Certification or Experience supporting security technologies included but not limited to:
Web Application Firewall / Web Application & API Protection (WAF / WAAP)
Secure Access Service Edge / Secure Service Edge (SASE / SSE)
Public Key Infrastructure (PKI)
Security Incident & Event Monitoring (SIEM)
Data Leak Protection (DLP)
Endpoint Security
Network Detection & Response (NDR)
User & Entity Behavioral Analytics (UEBA)
Database Activity Monitoring (DAM)
CME Group: Where Futures are Made
CME Group is the world’s leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.
At CME Group, we embrace our employees' unique experiences and skills to ensure that everyone’s perspectives are acknowledged and valued. As an equal-opportunity employer, we consider all potential employees without regard to any protected characteristic.
Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Learn more here
As the world's leading derivatives marketplace, CME Group (www.cmegroup.com) is where the world comes to manage risk. CME Group exchanges offer the widest range of global benchmark products across all major asset classes, including futures and options based on interest rates, equity indexes, foreign exchange, energy, agricultural commodities, metals, weather and real estate. CME Group brings buyers and sellers together through its CME Globex® electronic trading platform and its trading facilities in New York and Chicago. CME Group also operates CME Clearing, one of the world’s leading central counterparty clearing provider in the world, which offers clearing and settlement services for exchange-traded contracts, as well as for over-the-counter derivatives transactions through CME ClearPort®. These products and services ensure that businesses everywhere can substantially mitigate counterparty credit risk in both listed and over-the-counter derivatives markets.
