Sr. Security Engineer - Red Team - NY

Join the Global Information Security (GIS) department at CME Group as a Sr. Cyber Security Engineer - Threat Simulation. You will be an integral part of our Offensive Security organization, directly contributing to improving CME Group’s security posture. This high-impact role is responsible for the execution of Red Team adversary emulations against our complex hybrid environment, proactively testing and strengthening our internal and internet-facing systems. You'll also be a key participant in Purple Team activities to continuously improve the organization's cyber detection and response capabilities. This is a perfect opportunity for a sharp, action-oriented engineer to become a key part of a team of highly skilled cybersecurity professionals who execute a pivotal role in protecting and defending national critical infrastructure. What You'll Get Elevate your expertise in a supportive environment fostering continuous learning, rapid career progression, and an inclusive, global team culture. Gain broad exposure to CME Group's diverse products, asset classes, and cross-functional teams, expanding your impact across critical financial infrastructure. Receive a competitive salary and comprehensive benefits package. What You'll Do As a key member of our offensive security team, you will: Execute high-impact Red Team exercises against our complex hybrid cloud environments, driven by real-world threat intelligence and the MITRE ATT&CK Framework. Engineer and maintain robust Red and Purple Team infrastructure, continuously automating processes for efficiency and scale. Co-design and lead joint Purple Team exercises, directly partnering with cyber defense to improve detection and response capabilities. Innovate through continuous research into new offensive security TTPs (Tactics, Techniques, and Procedures) and drive knowledge transfer across the security organization. Conduct specialized, ad-hoc offensive security tests utilizing industry-leading and internally developed tooling to uncover subtle security gaps. Author comprehensive post-exercise reports, including detailed technical findings, compromise narratives, and strategic, risk-rated recommendations for remediation. Mentor cyber defense teams during incident investigations, providing critical subject matter expertise on attacker tradecraft and mindset. Champion security awareness and technical knowledge-sharing by collaborating with information security, technology, and business stakeholders. What You'll Bring We're looking for an engineer with a robust offensive mindset and a proven track record of breaking and building in complex enterprise environments. Technical Mastery 5+ years’ experience wielding industry-standard penetration testing and adversary emulation tools (e.g., Cobalt Strike, Sliver, Mythic, Bloodhound, Burp Suite). Expert understanding of the MITRE ATT&CK Framework and advanced evasion techniques used to bypass modern security controls. Strong comprehension of the cyber kill chain and the full lifecycle of an Advanced Persistent Threat (APT) targeting financial institutions. Proficiency in at least one scripting language (e.g., Python, PowerShell) and experience with a compiled language (e.g., Go, C#) for tool development. Deep experience attacking and securing complex cloud, on-prem, and hybrid environments, from initial access through actions on objective. Solid knowledge of Windows and Linux system hardening concepts, Purple Team automation strategies, and vulnerability rating methodologies. Proven experience with security within at least one major cloud provider (e.g., AWS, Azure, GCP). Nice to Haves: Previous hands-on experience performing sophisticated adversary emulations/simulations specifically within the financial services sector. A recognized offensive security industry certification (e.g., OSCP, GPEN, GXPN, OSWE, eCPTX) demonstrating specialized, high-impact skills. Familiarity with modern enterprise security standards and frameworks (e.g., TIBER-EU, CBEST, NIST CSF). Experience conducting offensive security exercises against emerging technologies, such as AI/ML systems or macOS. CME Group is committed to offering a competitive total rewards package for our employees that recognizes their contributions to the business and reflects our long-term investment in their future. The pay range for this role is $131,900-$219,800. Actual salary offered will be dependent on a wide array of factors including but not limited to: relevant experience, skills, education and comparison to internal employees (where relevant). Our compensation program also includes an annual target bonus opportunity for all employees, as well as the opportunity to become an owner in the company through our broad-based equity program. Through our benefits program, we strive to offer flexibility, value and choice. From comprehensive health coverage, to a retirement package that includes both a 401(k) and an active pension plan, to highly competitive education reimbursement provisions, paid time off and a mental health benefit, CME Group offers a holistic benefits package for our team and their dependents. CME Group: Where Futures are Made CME Group is the world’s leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more. At CME Group, we embrace our employees' unique experiences and skills to ensure that everyone’s perspectives are acknowledged and valued. As an equal-opportunity employer, we consider all potential employees without regard to any protected characteristic. Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Learn more here. As the world’s leading derivatives marketplace, CME Group is where the world comes to manage risk. We enable clients to trade futures, options, cash and OTC markets, optimize portfolios, and analyze data – empowering market participants worldwide to efficiently manage risk and capture opportunities. CME Group exchanges offer the widest range of global benchmark products across all major asset classes based on interest rates, equity indexes foreign exchange energy agricultural products and metals. We meet uncertainty and volatility with confidence and clarity, across the trading lifecycle and around the world. Hear more about our employee experience Get a look inside CME Group and see what makes us tick A rewarding career is only the beginning Best Place to Work Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Additionally, CME Group does not communicate with job applicants over Telegram. Learn more here. For U.S. employment, CME Group is legally required to validate a new hire’s employment eligibility by having them complete an Employment Eligibility Verification (Form I-9) companied with legally acceptable proof of identity and work authorization (as listed on the Form I-9). CME Group uses E-Verify, which is an online system operated by the U.S. Department of Homeland Security in partnership with the Social Security Administration to verify employment eligibility and validate social security numbers. Through participation in the E-Verify program, information entered on Form I-9 will be provided and compared to information available at both of these agencies. See posters below for more details. E-Verify Notice E-Verify Notice Español U.S. Right to Work Notice U.S. Right to Work Notice Español

For more details click Apply Now.