Role overview
Join the Global Information Security (GIS) department at CME Group as a Purple/Red Team Engineer III - Threat Simulation. You will be an integral part of our Offensive Security organization, directly contributing to improving CME Group’s security posture. This high-impact role is a major contributor to the execution of Purple Team cyber exercises on internal and internet-facing information systems and infrastructure.
You’ll also play a significant role in the execution of Red Team adversary emulations against our complex hybrid environment, proactively testing and strengthening our internal and internet-facing systems.
This is a perfect opportunity for a sharp, action-oriented engineer to become a key part of a team of highly skilled cybersecurity professionals who execute a pivotal role in protecting and defending national critical infrastructure.
What You Will Do
As a key member of our offensive security team, you will:
Drive the design and hands-on execution of Purple Team exercises, directly partnering with cyber defense to improve detection and response capabilities.
Participate in the execution of high-impact Red Team exercises against our complex hybrid cloud environments, driven by real-world threat intelligence and the MITRE ATT&CK Framework.
Engineer and maintain robust Red and Purple Team infrastructure, continuously automating processes for efficiency and scale.
Become a perpetual student of Purple and Red craft, constantly researching, learning and sharing knowledge of the latest offensive security TTPs (Tactics, Techniques, and Procedures) across the security organization.
Conduct specialized, ad-hoc offensive security tests utilizing industry-leading and internally developed tooling to uncover subtle security gaps.
Contribute to the authoring of comprehensive post-exercise reports, including detailed technical findings, compromise narratives, and strategic, risk-rated recommendations for remediation.
Assist cyber defense teams during incident investigations, providing subject matter expertise on attacker tradecraft and mindset.
Champion security awareness and technical knowledge-sharing by collaborating with information security, technology, and business stakeholders.
Actively represent the Offensive Security Team’s expertise by contributing to presentations and speaking opportunities at internal conferences.
What You’ll Bring
We're looking for an engineer with a robust offensive mindset and proven offensive security testing and tool-building experience in complex enterprise environments.
Technical Requirements
5+ years’ experience with industry-standard penetration testing and adversary emulation tools (e.g., Cobalt Strike, Outflank, Sliver, Mythic, BloodHound, Burp Suite).
Strong understanding of Purple Team concepts, tools, and automation strategies.
Skilled in the use of Kali or similar Linux operating systems used for Red and Purple Teaming.
Strong understanding of MITRE ATT&CK framework tactics, techniques and procedures.
Proficiency in at least one scripting language (Python, Bash, PowerShell, Ruby, etc.).
Strong understanding of Windows and Linux system hardening concepts and techniques.
Strong understanding of measuring and rating vulnerabilities based on their principal characteristics.
Experience with at least one cloud environment (AWS, GCP, Azure).
Experience attacking cloud, on-prem and/or hybrid environments from initial access all the way through actions on objective.
Nice to have
Understanding of how an Advanced Persistent Threat could compromise a financial institution.
Recognized industry certifications such as, but not limited to, CRTP, OSCP, GPEN, GXPN, GREM, eCPTX, eCPPT, OSWE, CISSP, CPSA, CRT.
Previous experience of Purple Team project delivery, including creation and execution of Purple Team test plans in collaboration with Blue (defense) teams.
Experience of using Purple Team automation tools, such as, but not limited to, Atomic Red Team.
Proven experience of modifying malware payloads to bypass detections like EDR, via script-based languages or compiled languages (e.g. Go, C#).
Bug Bounty experience, including creation of CVEs.
Publishing of open source tooling (e.g., GitHub, Bitbucket, etc.).
Experience of using automated infrastructure provisioning and configuration tooling, such as, but not limited to, Terraform and Ansible.
Experience of conducting Offensive Security and/or Purple Team exercises against macOS.
Experience of working in an agile-driven work environment.
Familiarity with modern enterprise security standards and frameworks (e.g., TIBER-EU, CBEST, NIST CSF).
CME Group: Where Futures are Made
CME Group is the world’s leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.
At CME Group, we embrace our employees' unique experiences and skills to ensure that everyone’s perspectives are acknowledged and valued. As an equal-opportunity employer, we consider all potential employees without regard to any protected characteristic.
Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process.