Senior Cyber Security Engineer –Threat Simulation jobs in United States
cer-icon
Apply on Employer Site
company-logo

CME Group · 3 months ago

Senior Cyber Security Engineer –Threat Simulation

positionChicago - 20 S. Wacker
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$117K/yr - $194K/yr
date5+ years exp

CME Group is the world’s leading derivatives marketplace, and they are seeking a Senior Cyber Security Engineer – Threat Simulation to join their Global Information Security department. This role involves executing Red Team adversary emulations, enhancing the organization's cyber detection and response capabilities, and mentoring cyber defense teams during incident investigations.

FinanceFinancial ServicesMarketplaceStock Exchanges
check
Comp. & Benefits
check
H1B Sponsor Likelynote

Responsibilities

Execute high-impact Red Team exercises against our complex hybrid cloud environments, driven by real-world threat intelligence and the MITRE ATT&CK Framework
Engineer and maintain robust Red and Purple Team infrastructure, continuously automating processes for efficiency and scale
Co-design and lead joint Purple Team exercises, directly partnering with cyber defense to improve detection and response capabilities
Innovate through continuous research into new offensive security TTPs (Tactics, Techniques, and Procedures) and drive knowledge transfer across the security organization
Conduct specialized, ad-hoc offensive security tests utilizing industry-leading and internally developed tooling to uncover subtle security gaps
Author comprehensive post-exercise reports, including detailed technical findings, compromise narratives, and strategic, risk-rated recommendations for remediation
Mentor cyber defense teams during incident investigations, providing critical subject matter expertise on attacker tradecraft and mindset
Champion security awareness and technical knowledge-sharing by collaborating with information security, technology, and business stakeholders

Qualification

Penetration testing toolsMITRE ATT&CK FrameworkCloud security experienceScripting languagesOffensive security certificationTeam collaborationTechnical writingMentoring

Required

5+ years' experience wielding industry-standard penetration testing and adversary emulation tools (e.g., Cobalt Strike, Sliver, Mythic, Bloodhound, Burp Suite)
Expert understanding of the MITRE ATT&CK Framework and advanced evasion techniques used to bypass modern security controls
Strong comprehension of the cyber kill chain and the full lifecycle of an Advanced Persistent Threat (APT) targeting financial institutions
Proficiency in at least one scripting language (e.g., Python, PowerShell) and experience with a compiled language (e.g., Go, C#) for tool development
Deep experience attacking and securing complex cloud, on-prem, and hybrid environments, from initial access through actions on objective
Solid knowledge of Windows and Linux system hardening concepts, Purple Team automation strategies, and vulnerability rating methodologies
Proven experience with security within at least one major cloud provider (e.g., AWS, Azure, GCP)

Preferred

Previous hands-on experience performing sophisticated adversary emulations/simulations specifically within the financial services sector
A recognized offensive security industry certification (e.g., OSCP, GPEN, GXPN, OSWE, eCPTX) demonstrating specialized, high-impact skills
Familiarity with modern enterprise security standards and frameworks (e.g., TIBER-EU, CBEST, NIST CSF)
Experience conducting offensive security exercises against emerging technologies, such as AI/ML systems or macOS

Benefits

Comprehensive health coverage
A retirement package that includes both a 401(k) and an active pension plan
Highly competitive education reimbursement provisions
Paid time off
A mental health benefit

Company

CME Group

twittertwittertwitter
Glassdoor4.0
company-logo
CME Group is a diverse derivatives marketplace that manages risk and capture opportunities.
dateFounded in 1848
location
Chicago, Illinois, USA
people-size1001-5000 employees
web-link
http://www.cmegroup.com

H1B Sponsorship

CME Group has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (2)
2024 (1)
2023 (1)
2022 (3)
2021 (2)
2020 (9)

Funding

Current Stage
Public Company
Total Funding
$1B
Key Investors
Google
2021-11-04Post Ipo Equity· $1B
2002-12-06IPO

Leadership Team

leader-logo
Lynne Fitzpatrick
President and CFO
linkedin
leader-logo
Julie Holzrichter
Chief Operating Officer
linkedin

Recent News

Financial IT
DTCC Executives’ 2025 Year in Review And 2026 Outlook
2026-01-09
Business Insider
Congress might be taking a closer look at prediction markets, but don't bet on them going anywhere
2026-01-06
FX News Group
TradingView announces integration of CME options data
2025-12-26
Company data provided by crunchbase