Staff Security Engineer - Operations in Belfast

As a Staff Security Engineer - Operations within Global Information Security (GIS), you will serve as the technical leader, establishing the direction and accountability for our weekend operational defense posture. This role is responsible for ensuring seamless, high-quality / hands-on execution of security operations and governance across our distributed, two-person weekend teams located in Bengaluru, Belfast, and the US (New York/Chicago). You will be accountable for setting operational standards and ensuring consistent, high-quality delivery during the non-traditional trading window. This position is a critical component of our comprehensive "Follow-the-Sun" support model, vital to achieving 24/7 market protection.

Your primary focus will be on global incident response efforts, scheduling and execution of change management tasks, running disaster recovery procedures and driving continuous, global operational maturity across all shifts.

Specific Deployment (Shift Allowance)

• Initial Training Schedule: Until the selected candidate is fully up to speed on our specific technologies and environment, the work schedule will be Monday - Friday business hours, working alongside existing Cyber Defense Operations engineers for onboarding, training and ramp-up.
• Target Shift Schedule: This position is essential to completing our 24/7 operational coverage. After an initial training period, this role will transition to a weekend-concentrated four (4) eleven-hour shifts per week (specifically Friday through Monday, 10 working hours plus 1 hour for lunch). This shift grants three (3) consecutive days off every week.

In-Office Requirement: This position requires a minimum 2-day per week in-office presence. Candidates must be within commutable distance of CME Group Belfast office.

Core Responsibilities & Focus

• Incident Response Leadership & Governance: Act as the operational escalation point of contact and owner for regional weekend teams during incidents involving Cyber Defense Applications. Direct and coordinate global response efforts, ensuring clear, concise communication and a unified operational strategy across shifts until incident resolution/closure or handover.
• System Resiliency Coordination, Execution & Oversight: Assume full accountability for the definition, hands-on execution, and governance of security-related tasks during scheduled System Resiliency (Disaster Recovery) exercises. Oversee scheduled exercises as the regional team System Resilience Coordinator (SRC) to fulfill exercise responsibilities, ensure all coordination, issue management, documentation, and communication to stakeholders are handled to the highest standard and aligned with enterprise resilience policy.
• Change Management & Weekend Authority: Serve as regional authorized Cyber Defense Operations escalation point of contact for the weekly Saturday Change Status meetings. Validate, prioritize, and complete assigned weekend operational task work and change execution while ensuring adherence to policy and procedure.
• Tool Standardization and Maturity: Oversee the operational health, configuration, and maintenance lifecycle of security tools, ensuring collaborative alignment with peer and engineering teams across all time zones.
• Mentorship & Knowledge Transfer: Mentor, develop, and set direction for the two-person teams in Belfast, Bengaluru, and the U.S., focusing on elevating technical skills, advanced incident analysis, and consistent operational best practices. Participate in and drive knowledge transfer between regional shifts to minimize operational variance and uplift the global team's collective engineering capabilities.
• Operational Automation: Identify opportunities and guide the development, deployment and supportive documentation of automation scripts (Python preferred) to enhance security control process, effectiveness and team efficiency across the regional operations.
• Documentation & Standards Auditing: Conduct comprehensive, periodic quality reviews and audits of operational documentation, runbooks, and procedures used by the regional teams to ensure consistency, clarity, and adherence to security policy and regulatory requirements.

Required Competencies:

• Experience: Proven experience (typically 5-7 years) in a progressive security operations or defense engineering role, with demonstrable experience in formal team leadership, mentorship, or technical management capacity.
• Leadership & Coordination: Demonstrated ability to lead and provide direction to technical teams virtually across diverse international locations and time zones during critical operational periods.
• Communication and Governance: Exceptional ability to communicate and collaborate effectively across diverse technical teams, and to provide professional guidance and clarity for non-technical consumers and senior executive stakeholders from various international locations.
• Practical expertise with Linux and Windows operating system security and hardening best practices.
• Solid understanding of networking and security protocols (TCP/IP, DNS, TLS) relevant to troubleshooting and architecting operational security solutions.
• Expert knowledge of security defense principles and practical expertise with enterprise security tools (e.g., SIEM, EDR, Vulnerability Management).
• Experience supporting Cloud Security Operations (GCP/AWS/Azure) is highly desirable, with a focus on governance and strategic implementation.

Formal Education, Certifications & Experience

• Education: Bachelor's degree in Computer Science, Information Security, or a related technical field. Relevant combination of education and experience may substitute for a degree.
• Certifications (Preferred): Relevant advanced industry certifications such as CISSP, CISM, or advanced GIAC certifications are highly desirable (e.g., GCIH, GCIA).
• Certification or Expert Experience supporting security technologies including but not limited to: Secure Access Service Edge (SASE / SSE) e.g., SWG, CASB, ZTNA; Security Incident & Event Monitoring (SIEM); Data Leak Protection (DLP); Endpoint Security Enforcement; Web Application Firewall / Web Application & API Protection (WAF / WAAP); Database Activity Monitoring (DAM); Public Key Infrastructure (PKI); Network Detection & Response (NDR); User & Entity Behavioral Analytics (UEBA).

Company Benefits:

• Bonus Programme
• Equity Programme
• Employee Stock Purchase Plan (ESPP)
• Private Medical and Dental coverage
• Mental Health Benefit Programme
• Group Pension Plan
• Income Protection
• Life Assurance
• Cycle To Work
• EV Car Benefit Scheme
• Gym Membership
• Family Leave
• Education Assistance - MBA/Advanced Degree/Bachelor Degree
• Ongoing Employee Development Training/Certification
• Hybrid Working

CME Group is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it - all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more. At CME Group, we embrace our employees' unique experiences and skills to ensure that everyone's perspectives are acknowledged and valued. As an equal-opportunity employer, we consider all potential employees without regard to any protected characteristic.

Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process.