Senior Governance, Risk & Compliance Incident Analyst

Description:

The Sr Governance, Risk & Compliance Incident Analyst is responsible for performing activities to manage, respond to and resolve incidents where there is suspected unauthorized collection, use, access, or modification of data in accordance with established processes and procedures. This includes performing initial analysis of the origin of an incident, handling documentation and project management aspects of the incident response process and collaborating with other teams to resolve incidents and further strengthen the incident management process .  The Sr Analyst will serve as the primary responder and lead incidents on behalf of the Information Governance team within Governance, Risk & Compliance.

Principal Accountabilities:

• Serves as the point of contact for compliance-related incidents, leading the investigation and completion of resolution tasks for most incident types and severities within Information Governance. 

• Documents incident tasks and updates within the incident management system in a timely manner, working with the Global Information Security team to investigate, diagnose and resolve incidents, when applicable.

• Escalates and engages with management, legal and compliance officers and other relevant teams according to documented procedures.  

• Manages incident communications, including establishing/scheduling bridge lines and periodic incident update calls with internal and external stakeholders.

• Facilitates resolution activities with internal and external resources. 

• Remains highly responsive, available, and manages deadlines in accordance with service level expectations.  

• Monitors incidents to ensure tasks are being completed in a timely manner, providing management with regular status reports. 

• Participates in activities to identify incident trends and corresponding analysis.

• Collaborates with the Global Information Security team and Manager, Privacy & Incident Mgt, to continually strengthen and improve the program’s processes.

• Maintains procedures, including incident response plans, which detail how the company responds to incidents. 

• Remains abreast of privacy, confidentiality, and legal incident/breach requirements. 

• When workload permits, assists team members with Information Governance tasks. 

Skills and Requirements:

• Highly self-motivated and detail-oriented.

• Proven ability to prioritize, multitask, and thrive in a fast-paced, collaborative environment.

• Strong analytical, problem-solving, and critical thinking skills. 

• Excellent communication and interpersonal skills.

• Ability to maintain a high-degree of confidentiality. 

• Familiar with data privacy and incident management best practices.

Education and Experience:

• Bachelor’s degree (Level 8): Computer Information Systems, Computer Science, Information Systems Management, Privacy, Records Management or equivalent educational or professional experience and/or qualifications.

• 2-5 years of experience with Incident Management or other relevant experience. 

• Familiarity with incident management solutions (e.g., RSA Archer) and Google Workspace is a plus.

CME Group : Where Futures are Made

CME Group is the world’s leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.

At CME Group, we embrace our employees' diverse experiences, cultures and skills, and work to ensure that everyone’s perspectives are acknowledged and valued. As an equal opportunity employer, we recognize the importance of a diverse and inclusive workplace and consider all potential employees without regard to any protected characteristic. 

Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Learn more here.