Director- Application Security Architecture job in Chicago, IL| Recruit Arrow
Recruit Arrow
Email Password
Forgot your password?
Welcome, Guest! New User?
Tell a Friend
Success Stories
From my very first contact with Recruit Arrow, through the application process, interviews, and my acceptance of the position, this service was an invaluable asset. My recruiter gave me insight into the company by sharing her own experiences and views.


Job Search

What


 job title, keywords

Where


 city, state, zip






JOB CENTER

Your Window to a World of Opportunities


Welcome to Recruit Arrow's Job Center. We offer you the ability to stay current in numerous specialized job markets, including marketing, advertising, and engineering just to name a few, by subscribing to our Newsletter and Real-Time Job Updates; to subscribe click here.

If you do not yet have an account with Recruit Arrow, we encourage you to sign up for a new account by submitting your resume. An account will allow you to make our search consultants aware of the jobs that you are interested in, view new jobs that match your search settings, modify your search settings, submit a new resume, and take advantage of other useful features.

We are pleased that your assessment of options has led you to Recruit Arrow, and we invite you to browse our website to learn more about our firm and the career opportunities we offer. If you would like to be considered for an professional position, feel free to submit your resume.


Select from the options below to begin your search.


Locations:
(hold down ctrl to choose multiple locations)
City Name:

Primary Field:

Minimum Years of Experience:

Keyword:

1 matches | 1 - 1 displayed 
 1 

Title
Director- Application Security Architecture
Location : Illinois, Chicago
Refer job # TAZQ337778
 
Job Responsibilities and Requirements: This role will help forecast demand for Application Architecture services by meeting with CME business units to better understand their needs. This role will also help determine necessary resource levels to support those business units needs. Financial: This role will make staffing recommendations for the GIS Application Security Architecture Team. Establishing and operating the Application Security Architecture Program, including: business processes, policies, standards, and prioritization of activities Communicate and collaborate with cross-functional peers outside of the Technology Division, including General Counsel, Records Retention, Global Assurance, Enterprise Risk Management, Third Party Risk Management, and other business unit leadership Work collaboratively with various CME Group teams including I&O, E&E, APM, Enterprise Risk Management and Compliance teams to establish Security Standards and Reference Architectures and actively participates in Communities of Practice to ensure effective adoption of security and continuous improved. Drive objectivity and build consensus among internal and external stakeholders with widely divergent perspectives and drivers. Interact with industry peers from other SIFMUs, research organizations, solution providers, etc. Lead application security assessments and assist in planning the remediation of assessment, audit, and regulatory findings. Participate in and contribute to key working groups across the enterprise, including but not limited to: Architecture Review Board and/or change advisory boards. Prepare reports for senior management including presentations, metrics, and other documentation required to support governance functions. Continuous improvement and maturation of the methods, instrumentation, training, documentation, and processes required to properly assess and govern application architecture and software development lifecycle. Day-to-day Strategic Visioning: manage security standards and reference architectures to ensure adequate security controls throughout CME Groups systems and technologies Management of the security road-map, and communicate securities vision to business partners and IT staff Actively participate in Communities of Practice to ensure effective adoption and continuous improvement of security efforts Act as an advocate for security and lead efforts to promote security awareness at all levels of the organizations Act as primary contact and respond to questions or actions related to software security audits Ensure that all risk considerations are identified and addressed with new and modified software Monitor and enhance secure coding standards within the Software Development Lifecyle Identify and establish core architectural mechanisms to enhance the security of software Support larger architectural projects while leading and managing internal projects Perform blackbox / greybox / whitebox security assessments Provide consultation on secure application design This role will influence and collaborate regularly with various peers via steering committees, standards and policy governance teams and other group settings that formulate CME Group security policies, standards, and reference architectures. This role will lead formation of policies, standards, reference architectures, process and procedures as they related to application architecture at CME Group. Education: A Bachelor's or Master's degree in Computer Science, Information Systems or other related field; or equivalent work experience. Experience 7 years of experience at director or manager level in publicly traded companies or finance/technology industry operations; OR minimum 7 years as a consultant to such companies at a commensurate level. Experience with or deep exposure to the financial industry, focused on clearing or trading Demonstrable knowledge of a broad range of Information Security technologies and practices Demonstrable, impeccable writing skills for technical, management, and executive audiences Demonstrable communication capabilities including oral presentation and ability to present in front of executive leadership Demonstrable experience coordinating multiple concurrent issues, in high-pressure situations 10 years of application security analysis, design and application development OR demonstrated ability to meet job requirements through a comparable number of years of technical work experience Advanced knowledge of blackbox/greybox/whitebox security assessments and application pen testing 5 years performing manual reviews of application source code for security vulnerabilities written in various languages including: Java, .Net (C#, VB#), C , Expert in application security testing tools including: Burpsuite, sqlmap, nmap Experience with application reverse engineering and using tools such as: Java decompilers, .Net decompilers, IDAPro, etc. Experience with scripting languages such as: Python, bash, Powershell, etc. Experience with drafting of standard, reference architecture, policies, procedures and implementation guidelines Extensive experience with the Build Security In Maturity Model (BSIMM) methodology and assessment process High understanding of entire development process, including specification, documentation and quality assurance High degree of understanding in the theories, methodologies and principals underlying secure technical analysis, design and implementation of software applications, systems, and databases Candidates must have proven ability to build value propositions, business cases, & drive results as part of a larger project or program team SSCP or other industry certifications are desirable. PMP is a plus Relevant experience designing, implementing, and supporting large scale solutions Experience with Cryptographic Services Experience with Amazon Web Services Certifications Preferred: one or more certifications, including: o CISSP o CISA o GIAC o GSEC o EnCE o GWAPT o OSCP/OSWE As the world s leading and most diverse derivatives marketplace, CME Group ( ***) is where the world comes to manage risk.
 
Contact the Following Recruit Arrow Office:
Los Angeles
202 S Lake Ave, Unit 250
Pasadena, California 91101
Email: jobs@recruitarrow.com
 
[Apply Now] [Email to a Colleague] [Permalink]

Tweet This



1 matches | 1 - 1 displayed 
 1 
Newsletter and Job Updates