Cloud Security Engineer - III

The Infrastructure Cloud Security Engineer participates as a member of CME’s Infrastructure Security Architecture team to develop cloud security requirements and implement security controls in support of CME’s cloud environments. This role requires technical expertise in security and information technology. The ideal candidate will possess technical expertise in two or more technology and information security domains, for example: cloud computing (GCP, AWS, Azure), virtualization and containers, DevSecOps, networking, SIEM and log management, identity and access management, and zero trust technologies.

Principal Accountabilities

• Work with Cloud Security Governance team members to research and develop cloud security
  
  

Requirements

• Work with security developers to deploy and implement cloud security controls to enforce
  
  

Requirements

• Develop code and scripts to provision and configure cloud resources and security controls
• Participate in operational support activities for cloud security controls. This includes responding
  
  

to internal support requests and working with developers to help resolve issues.

• Contribute to operational support activities of security tooling workloads running in Kubernetes
  
  

Engine

• Work with cloud security tech writers to develop and maintain documentation to help
  
  

development teams understand cloud security requirements and how to address cloud security

violations

• Contribute content to security standards and processes
• Work with product owners and engineers to support the secure implementation of cloud
  
  

platform capabilities

• Support the publication of metrics and reporting on security controls and remediation status for
  
  

consumption by developers and project teams

Experience

• 5+ years of experience working in Information Security
• Basic experience with some programming languages: Python, Go, Bash, etc
• Experience with public cloud platforms. Experience with Google Cloud is preferred, but AWS or
  
  

Azure are also acceptable

• Experience with containers and container orchestration platforms. Experience with Kubernetes
  
  

and GCP GKE is preferred.

• Experience with Open Policy Agent (OPA), Terraform, and Kubernetes Config Controller (KCC) is
  
  

desirable

• Experience with common cloud provider tools and languages like Google Cloud SDK, Kubectl,
  
  

Jenkins, Argo, and Git

• Experience with application deployments in the Cloud (AWS, GCP, Azure)
• Familiarity with the Atlassian tools like Confluence and Jira is desirable
• Experience developing security documentation in a continuous software development
  
  

environment

• Strong communication skills and an ability to develop material and present to a broad range of
  
  

stakeholders, including senior levels of management and executive stakeholders

• Familiarity with security and regulatory frameworks (CIS, NIST, RegSCI, HIPAA, etc.)
• Can learn highly technical products quickly, using pre-release software and internal
  
  

documentation

• Can work remotely, especially in collaboration with others across countries and time zones
  
  

Education

A Bachelor's or Mastes's degree in Computer Science, Information Systems or other related field; orequivalent work experience.

CME Group : Where Futures are Made

CME Group is the world’s leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.