Staff Security Engineer - Operations

About The Position

Requirements

• Proven experience (typically 5-7 years) in a progressive security operations or defense engineering role, with demonstrable experience in formal team leadership, mentorship, or technical management capacity.
• Demonstrated ability to lead and provide direction to technical teams virtually across diverse international locations and time zones during critical operational periods.
• Exceptional ability to communicate and collaborate effectively across diverse technical teams, and to provide professional guidance and clarity for non-technical consumers and senior executive stakeholders from various international locations.
• Practical expertise with Linux and Windows operating system security and hardening best practices.
• Solid understanding of networking and security protocols (TCP/IP, DNS, TLS) relevant to troubleshooting and architecting operational security solutions.
• Expert knowledge of security defense principles and practical expertise with enterprise security tools (e.g., SIEM, EDR, Vulnerability Management).
• Education: Bachelor's degree in Computer Science, Information Security, or a related technical field. Relevant combination of education and experience may substitute for a degree.
• Required Certification or Expert Experience supporting the following security technologies: Secure Access Service Edge (SASE / SSE) eg, SWG, CASB, ZTNA Web Application Firewall / Web Application & API Protection (WAF / WAAP) Public Key Infrastructure (PKI)

Nice To Haves

• Experience supporting Cloud Security Operations (GCP/AWS/Azure) is highly desirable, with a focus on governance and strategic implementation.
• Certifications (Preferred): Relevant advanced industry certifications such as CISSP, CISM, or advanced GIAC certifications are highly desirable (eg, GCIH, GCIA)
• Added Certification or Experience a plus in the following security technologies: Security Incident & Event Monitoring (SIEM) Data Leak Protection (DLP) Endpoint Security Enforcement Database Activity Monitoring (DAM) Network Detection & Response (NDR) User & Entity Behavioral Analytics (UEBA)

Responsibilities

• Incident Response Leadership & Governance: Act as the operational escalation point of contact and owner for regional weekend teams during incidents involving Cyber Defense Applications. Direct and coordinate global response efforts, ensuring clear, concise communication and a unified operational strategy across shifts until incident resolution/closure or handover.
• System Resiliency Coordination, Execution & Oversight: Assume full accountability for the definition, hands-on execution, and governance of security-related tasks during scheduled System Resiliency (Disaster Recovery) exercises. Oversee scheduled exercises as the regional team System Resilience Coordinator (SRC) to fulfill exercise responsibilities, ensure all coordination, issue management, documentation, and communication to stakeholders are handled to the highest standard and aligned with enterprise resilience policy.
• Change Management & Weekend Authority: Serve as regional authorized Cyber Defense Operations escalation point of contact for the weekly Saturday Change Status meetings. Validate, prioritize, and complete assigned weekend operational task work and change execution while ensuring adherence to policy and procedure.
• Tool Standardization and Maturity: Oversee the operational health, configuration, and maintenance lifecycle of security tools, ensuring collaborative alignment with peer and engineering teams across all time zones.
• Mentorship & Knowledge Transfer: Mentor, develop, and set direction for the two-person teams in Belfast, Bengaluru, and the U.S., focusing on elevating technical skills, advanced incident analysis, and consistent operational best practices. Participate in and drive knowledge transfer between regional shifts to minimize operational variance and uplift the global team's collective engineering capabilities.
• Operational Automation: Identify opportunities and guide the development, deployment and supportive documentation of automation scripts (Python preferred) to enhance security control process, effectiveness and team efficiency across the regional operations.
• Documentation & Standards Auditing: Conduct comprehensive, periodic quality reviews and audits of operational documentation, runbooks, and procedures used by the regional teams to ensure consistency, clarity, and adherence to security policy and regulatory requirements.

Benefits

• CME Group is committed to offering a competitive total rewards package for our employees that recognizes their contributions to the business and reflects our long-term investment in their future.
• Our compensation program also includes an annual target bonus opportunity for all employees, as well as the opportunity to become an owner in the company through our broad-based equity program.
• From comprehensive health coverage, to a retirement package that includes both a 401(k) and an active pension plan, to highly competitive education reimbursement provisions, paid time off and a mental health benefit, CME Group offers a holistic benefits package for our team and their dependents.