Cybersecurity Auditor

Job Description The Cybersecurity Auditor is a Specialist that will be the subject matter expert in all audit matters related to cybersecurity as well as support of technical audit and advisory projects for existing technologies as well as emerging - across infrastructure, security, and network domains including on-prem solutions and cloud. With technology supporting every facet of our company, this role will require close collaboration with members of the Cboe Internal Audit team to support not only IT audit centric projects, but the execution of operational, regulatory, data analytics or advisory projects. The other key responsibility of the successful candidate is driving the Internal Audit Department’s continuous improvement initiatives including, but not limited to, cybersecurity auditing and assurance techniques, the design and development of process automation, data analytics, machine learning, and system integration in support of the global Internal Audit plan. Responsibilities Leading and supporting the execution of technical IT audit or advisory projects, such as: Serve as a primary interface between Information Security and Internal audit for all security related audits and findings including annual penetration testing Investing time gaining a thorough understanding of Cboe’s technologies and processes Applying that knowledge to perform risk-based planning and scoping Assessing IT and process risks and controls/requirements. Developing and applying different audit methodologies and tests Providing formal feedback focused on addressing root cause of identified issues Providing ongoing oral feedback or challenge regarding technical IT risk and controls topics Assisting in the development of the annual audit and resource planning process, including linking Cboe’s strategic initiatives to technology risks Working with stakeholders across Cboe’s global IT environment to meet company objectives Anticipating and proactively addressing project issues or concerns, applying thoughtful judgment and elevating to management as appropriate Monitoring the status and resolution of open audit issues and action plans Supporting regulatory and compliance requests related to technical IT audit requests and/or projects Performing developer and administrator duties related to third-party Audit Management software (Onspring) to develop streamlined processes, enhance user interface and enforce data security Introducing and implementing new ideas or concepts – i.e., agile audit methods, continuous auditing, data analytics, and automation Providing guidance and training on technical IT topics to other team members Requirements Bachelor’s degree required, preferably in Computer Science, Computer Engineering, Cybersecurity, Information Systems or other technical related field Minimum four years of experience in a technical field; Cybersecurity preferred Possessing or currently pursuing a technical IT-related certification such as Security , CISSP, CISM, CISMP or related certification Proven ability to learn new technology concepts quickly and ability to develop global solutions for complex IT risks. Ability to navigate through ambiguity, manage and coordinate multiple project assignments in a deadline-driven environment, and accept ownership of the process and results Strong analytical problem-solving skills with attention to detail and accuracy; able to work independently Strong knowledge of cyber security process domains and related frameworks (e.g., NIST) and architecture, including cloud security Strong technical knowledge at the application, network, operating system, and database layers (e.g., Windows, Linux or UNIX-like operating systems, Postgres SQL, Python) Excellent oral communication skills The Cboe Experience Whether you are just beginning your career or are a senior-level professional, working at Cboe will offer you countless opportunities to develop skills, make an impact through meaningful contributions, and gain rich experiences at an accelerated pace. By working collaboratively with smart, genuine and hardworking colleagues, you will build enduring relationships through frequent collaboration that will serve you well throughout your career, regardless of your chosen path. And, along your exceptional career journey at Cboe you’ll receive amazing benefits and robust rewards. Equal Employment Opportunity We're proud to be an equal opportunity employer - and celebrate our associates' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. #LI-CP1 Any communication from Cboe regarding this position will only come from a Cboe recruiter who has a @cboe.com email or via LinkedIn Recruiter. Cboe does not use any other third party communication tools for recruiting purposes. Cboe is always looking for intelligent, innovative and hard-working individuals. Our success is based on our talented team of industry and technology professionals, which we believe is the strongest in the industry, and we pride ourselves on hiring the best and brightest. Cboe Global Markets is an Equal Opportunity Employer. For more information, please click the following links: Equal Employment Opportunity is The Law (in English) Equal Employment Opportunity is The Law (in Spanish) Equal Employment Opportunity is The Law (Supplement) E-Verify Participation Poster (English & Spanish) Right to Work Poster (English) Right to Work Poster (Spanish) If you have been contacted about a job opening at Cboe by someone that does not have a @cboe.com email, this is NOT a trusted source. Cboe only utilizes emails from @cboe.com or Linkedin messaging for recruitment purposes. Cboe does not use any other third-party messaging applications. We recommend that you refrain from responding to Cboe recruitment emails that are not from a cboe.com email address and to file a complaint with the Internet Crime Complaint Center IC3 at https://www.ic3.gov/. If you have further questions, please reach out to the Cboe HR team at cboehr@cboe.com