Intercontinental Exchange Holdings, Inc.
Engineer, Information Security GRC
Intercontinental Exchange Holdings, Inc., Atlanta, Georgia, United States, 30383
Overview:
Job PurposeThe Engineer, Information Security GRC is part of a team responsible for the global Information Security program. The role would gain exposure to the full suite of businesses and products which underpin the Parent ICE company.Information Security (IS) is charged with:Preventing impactful cybersecurity and physical security incidents,maintaining a reputation with customers, regulators, and key stakeholders as running a best-in-class cybersecurity and physical security program, andavoiding negative impact to business agility and growth from cybersecurity and physical security policies and controls.Governance, Risk, and Compliance maintain said policies, ensure controls are operating effectively via assessment and attestation, and own the vulnerability management program to identify and correct any problems within.ResponsibilitiesSecurity Metrics Uses automated and manual processes to produce regular reports communicating the status of the Information Security programPolicies and Procedures Maintains corporate Information Security policies and departmental procedures and maps them to relevant control standardsRegulator, Audit, and Customer Inquiries Organizes and updates departmental documentation and responds to inquiries in an organized and repeatable fashionRecertification Operates periodic processes to ensure hire, transfer, and termination protocols are complied with and regular access reviews are conductedSecurity Awareness Builds and maintains company awareness and education programsRisk Assessment Builds and operates the company platform to document, measure, and report assessments, risks, controls, findings, and remediation activityKnowledge and ExperienceUniversity degree in Information Security, Engineering, MIS, CIS, or related discipline3 or more years of relevant work experienceExperience in Cybersecurity Framework (such as NIST, COBIT)Experience with Systems Administration and/or IP Networking is a plusExperience with Regulatory ComplianceExperience in an exchange, trading facility, or financial services a plusExperience in Customer communication and Vendor evaluationExperience with senior management and board metrics generation and communicationAdvanced certifications (for example, the CISSP)Advanced technical writing and/or communication education and experienceSpecific TechnologiesExcel, Workflow automation tools, Data collection, normalization, indexing, correlation, and visualization. Scripting, regular expressions, string-parsing, light SDLC, and project management. NIST Cyber Security Framework, CIS, and GRC Platforms.ScheduleThis role offers work from home flexibility of 1 day per week.Intercontinental Exchange, Inc. is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin or ancestry, age, disability or veteran status, or other protected status.#LI-AR1#LI-Hybrid
Job PurposeThe Engineer, Information Security GRC is part of a team responsible for the global Information Security program. The role would gain exposure to the full suite of businesses and products which underpin the Parent ICE company.Information Security (IS) is charged with:Preventing impactful cybersecurity and physical security incidents,maintaining a reputation with customers, regulators, and key stakeholders as running a best-in-class cybersecurity and physical security program, andavoiding negative impact to business agility and growth from cybersecurity and physical security policies and controls.Governance, Risk, and Compliance maintain said policies, ensure controls are operating effectively via assessment and attestation, and own the vulnerability management program to identify and correct any problems within.ResponsibilitiesSecurity Metrics Uses automated and manual processes to produce regular reports communicating the status of the Information Security programPolicies and Procedures Maintains corporate Information Security policies and departmental procedures and maps them to relevant control standardsRegulator, Audit, and Customer Inquiries Organizes and updates departmental documentation and responds to inquiries in an organized and repeatable fashionRecertification Operates periodic processes to ensure hire, transfer, and termination protocols are complied with and regular access reviews are conductedSecurity Awareness Builds and maintains company awareness and education programsRisk Assessment Builds and operates the company platform to document, measure, and report assessments, risks, controls, findings, and remediation activityKnowledge and ExperienceUniversity degree in Information Security, Engineering, MIS, CIS, or related discipline3 or more years of relevant work experienceExperience in Cybersecurity Framework (such as NIST, COBIT)Experience with Systems Administration and/or IP Networking is a plusExperience with Regulatory ComplianceExperience in an exchange, trading facility, or financial services a plusExperience in Customer communication and Vendor evaluationExperience with senior management and board metrics generation and communicationAdvanced certifications (for example, the CISSP)Advanced technical writing and/or communication education and experienceSpecific TechnologiesExcel, Workflow automation tools, Data collection, normalization, indexing, correlation, and visualization. Scripting, regular expressions, string-parsing, light SDLC, and project management. NIST Cyber Security Framework, CIS, and GRC Platforms.ScheduleThis role offers work from home flexibility of 1 day per week.Intercontinental Exchange, Inc. is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin or ancestry, age, disability or veteran status, or other protected status.#LI-AR1#LI-Hybrid