TPDD Analyst, Information Security GRC

The TPDD Analyst, Information Security GRC (Governance, Risk, and Compliance) is part of a team responsible for aiding customers in understanding the global Information Security program and Enterprise controls. The role will expose the analyst to the full suite of businesses and products that underpin the Parent ICE company.

In this role, you will work within GRC to assist customers and remain accountable for ensuring that controls are operating effectively via assessment and attestation while managing the vulnerability program.

• Preventing impactful cybersecurity and physical security incidents.
• Maintaining a reputation with customers, regulators, and key stakeholders as running a best‑in‑class cybersecurity and physical security program.
• Avoiding negative impact to business agility and growth from cybersecurity and physical security policies and controls.

• Security Metrics – use automated and manual processes to produce regular reports communicating the status of the Information Security program.
• Policies and Procedures – maintain corporate Information Security policies and departmental procedures and map them to relevant control standards.
• Regulator, Audit, and Customer Inquiries – organize and update departmental documentation and respond to inquiries in an organized, repeatable way.
• Security Awareness – build and maintain company awareness and education programs.
• Risk Assessment – build and operate the company platform to document, measure, and report assessments, risks, controls, findings, and remediation activity.

• University degree in Information Security, Engineering, MIS, CIS, or related discipline, or equivalent years of experience.
• Experience with systems administration and/or IP networking is a plus.
• Experience in an exchange, trading facility, or financial services is a plus.
• Experience with senior‑management and board metrics generation and communication is a plus.
• Advanced certifications (e.g., CISSP) are preferred.
• Advanced technical writing and/or communication education and experience.

Excel, workflow automation tools, data collection, normalization, indexing, correlation, and visualization; scripting, regular expressions, string‑parsing, light SDLC, and project management; NIST Cyber Security Framework, CIS, and GRC platforms.

Intercontinental Exchange, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to legally protected characteristics.