Information Security Specialist - Flexible Hybrid (Chicago, IL, Lenexa, KS or London)

Cboe Global Markets, Inc.
London
4 months ago
Applications closed

Related Jobs

View all jobs

Information Security Specialist

Cyber Security Project Manager

Information Security Consultant

Information Assurance Security Manager

Security Compliance Specialist

AI - Internal Technical Security Consultant

Description

Building trusted markets — powered by our people.

At Cboe, we inspire our people to solve complex challenges together because what we do matters. We provide the financial infrastructure that powers the global economy. As a leading provider of market infrastructure and tradable products, Cboe delivers cutting-edge trading, clearing and investment solutions to market participants around the world.

We’re building inclusive ways to support professional and personal development while strengthening the trust we’ve earned as a global market leader. Our teams are empowered to share ideas, actively pursue them and bring on a challenge. As champions of internal mobility and access to opportunity, we encourage our people to “go for it” and equip our managers with the training to coach their teams to the next level. Our Associate Resource Groups champion diversity, equity and inclusion, giving employees a safe space to network, share ideas and create opportunities.

Sound like the place for you? Join us!

The Global Cyber Governance Center is hiring for an Information Security Specialist. The Information Security Specialist at Cboe will focus on cyber risks management strategies across the organization. The position requires an individual with an IT and controls-related background, proficiency in security standards, deep understanding of cyber risk management, and the ability to recommend the implementation of robust security controls. The Information Security Specialist will play a critical role in safeguarding our digital assets and ensuring the integrity and security of our information systems. In addition, the Security Specialist will be responsible for assisting in the overall Security Governance efforts and may be required to assist with Internal Audit and external regulatory compliance remediation.

Responsibilities

Conduct comprehensive risk assessments to identify potential threats and vulnerabilities in the organization’s IT infrastructure, networks, and physical locations. Evaluate the effectiveness of existing security measures and recommend improvements. Utilize risk assessment methodologies and tools to evaluate security posture. Collaborate with IT and other departments to implement effective security controls and measures. Develop and maintain security policies, procedures, and guidelines according to industry best practices and regulatory requirements. Develop comprehensive security strategies and plans to address identified risks, including preventive, detective, and corrective controls. Conduct regular security controls testing to identify weaknesses in current security systems and procedures and recommend improvements. Prepare and present regular reports on the organization’s cyber risk posture to senior management. Ensure compliance with relevant industry standards and regulations (e.g., DORA, CFTC, Reg-SCI, etc.). Assist with regulatory exams by obtaining documentation, drafting responses to regulator inquiries, and helping develop security action plans. Stay current with the latest cybersecurity trends, threats, and technologies, and provide recommendations for improvement.

Qualifications

Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Assurance, or a related field. Minimum of 5 years of experience in information security, assurance, or cyber risk management. Professional certifications such as CISSP, CISM, CRISC, or equivalent is desirable Strong knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, COBIT). Experience in developing and implementing security policies, procedures, guidelines, and conducting risk assessments. Working knowledge of security tools and technologies, such as SIEM, IDS/IPS, firewalls, cloud services and endpoint protection. Strong analytical and problem-solving skills. Exceptional communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.

Benefits and Perks

We value the total wellbeing of our people – including health, financial, personal and social wellness. We believe standard benefits like health insurance and fair pay are a given at any organization. Still, you should know we offer:

Fair and competitive salary and incentive compensation packages with an upside for overachievement Generous paid time off, including vacation, personal days, sick days and annual community service days Flexible, hybrid work environment Health, dental and vision benefits, including access to telemedicine and mental health services 2:1 401(k) match, up to 8% match immediately upon hire Discounted Employee Stock Purchase Plan Tax Savings Accounts for health, dependent and transportation Employee referral bonus program Volunteer opportunities to help you give back to your communities

Some of our employees’ favorite benefits and perks include:

Complimentary lunch, snacks and coffee in any Cboe office Paid Tuition assistance and education opportunities Generous charitable giving company match Paid parental leave and fertility benefits

#LI-CP2

#LI-Hybrid

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Contract vs Permanent Cybersecurity Jobs: Which Pays Better in 2025?

Cybersecurity has become one of the fastest-growing and most crucial fields in modern business. With high-profile breaches dominating headlines and the ongoing digital transformation exposing organisations to new threats, companies across the UK are competing to attract skilled cybersecurity professionals. Roles range from penetration testers (pen testers) and SOC (Security Operations Centre) analysts to compliance officers, cloud security architects, threat intelligence analysts, and CISOs (Chief Information Security Officers). As demand continues to surge, cybersecurity salaries have climbed accordingly, and businesses have turned to more flexible hiring practices. Alongside permanent employment, many professionals explore short-term day‑rate contracting or fixed-term contracts (FTCs), searching for the ideal balance of pay, job security, and growth opportunities. Which arrangement truly pays better in 2025—and which best aligns with your ambitions? In this article, we dive into the contract vs. permanent debate with a focus on cybersecurity roles. We will examine the current market, the structure of day‑rate vs. FTC vs. permanent positions, the pros and cons of each, and some hypothetical pay comparisons. By the end, you should have a clearer sense of which career path might suit your situation and goals—whether you are a seasoned specialist aiming for top rates, or an up-and-coming analyst seeking a stable environment to develop in.

Cyber Security Jobs for Non‑Technical Professionals: Where Do You Fit In?

Defence Needs More Than Hackers in Hoodies When headlines warn of ransomware crippling hospitals or deepfakes swaying elections, we picture hoodie‑clad hackers and elite penetration testers. Yet the reality of the UK’s cyber security sector is broader—and desperately short of talent. The Department for Science, Innovation & Technology (DSIT) estimates a shortfall of 11,200 cyber security professionals in 2024, while 43 % of advertised roles require governance, risk or communication skills rather than hands‑on technical exploits. Put plainly: if you can guide policy, manage projects, interpret regulations or inspire behaviour change, cyber security wants you. This guide highlights the fastest‑growing non‑technical roles, the transferable skills you already possess, and a concrete 90‑day plan to land a cyber security job—no packet sniffers required.

BAE Systems Cybersecurity Jobs in 2025: Your Complete UK Guide to Protecting Governments, Businesses and Critical Infrastructure

From securing the Royal Navy’s new Dreadnought submarines to foiling multimillion‑pound fraud rings, BAE Systems Digital Intelligence (DI)—formerly Detica—sits at the sharp end of global cyber defence. Head‑quartered in Guildford with hubs in Gloucester, Leeds and London, the 5,500‑strong DI business delivers threat‑intelligence platforms, secure‑by‑design software and 24/7 SOC services to government and commercial clients worldwide. With escalating ransomware, AI‑driven disinformation and complex supply‑chain threats, BAE plans to expand its UK cyber workforce by 20 % in 2025. Whether you’re a graduate passionate about reverse engineering, a DevSecOps engineer who loves IaC, or an incident‑response pro comfortable in high‑side environments, this guide explains how to land a BAE Systems cybersecurity job in 2025.