Associate Principal, Security Red Team

Remote

Who We Are

About Us

The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.

What We Offer

A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:

A hybrid work environment, up to 2 days per week of remote work

Tuition Reimbursement to support your continued education

Student Loan Repayment Assistance

Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely

Generous PTO and Parental leave

Competitive health benefits including medical, dental and vision

Summary

The Security Red Team Associate Principal’s job is to increase OCC's security posture against all threats that put OCC’s organizational operations, assets or individuals at risk.  The Security Red Team testers engage in targeted simulations consisting of threat intelligence gathering, network & application penetration testing, social engineering, physical security testing, mobile device testing, and more. Team members must ensure the availability and integrity of OCC’s operational systems and self-disclose identified findings in a timely/proactive manner.

Members of the Red Team are expected to have exceptionally strong ethics, integrity and be accountable for their actions. The Red Team must have a healthy, competitive and bar-raising relationship with the individuals who monitor and deploy OCC’s preventative and detective controls.

The ideal candidate will have extensive experience in more than one of the following security testing domains: Open Source Intelligence, Network/Application, Web Application, Mobile Application, and Social Engineering. Experience testing database servers as well as proficiency with custom scripting and automation is a huge plus. This candidate must be driven, an excellent communicator, enthusiastic, a good mentor and have the desire to stay ahead of today’s emerging threats and actor techniques.

Primary Duties and Responsibilities:

To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.

  • Execute Red Team simulations based on organizationally defined threat scenarios with strict adherence to the agreed-upon rules of engagement.
  • Conduct various Red Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Penetration Testing, Social Engineering, Basic Emissions/Signals Testing, Physical Security Testing, etc.
  • Setup Command & Control C2 Infrastructure
  • Utilize “stealthy” manual testing methodologies, payload obfuscation techniques or create custom exploit scripts to evade Cyber Defense detection capabilities
  • Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools.
  • Understand vulnerabilities and develop relevant exploits/payloads for use during Red Team activities.
  • Perform security risk assessment, threat analysis and threat modeling.
  • Perform independent reviews of OCC’s security, network, and applications.
  • Plan/Design/Execute security related activities and create artifacts.
  • Stay on-time, on-budget, and within scope of testing activities.
  • Develop clear detailed reports and recommendations based on concrete evidence.
  • Debrief users and provide remediation strategy on findings.
  • Ensure alignment of security controls in OCC’s testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices.
  • Assist management with the improvement of policies and procedures to support Security Testing and Red Team activities as well as other security duties which may arise.
  • Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends.
  • Adhere to the best practices and work for delivering secured and quality products.
  • Consult with technical experts and system owners on all aspects of Information Security and Compliance.
  • Work closely with Production Support staff, Incidence Response, and IT infrastructure to increase organizational security posture.
  • Support OCC’s security objectives and remediation efforts relating to Security Testing.
  • Supports and successfully completes Audits.
  • Cross-train the other Security Red Team members.
  • Cross-train other teams within Security Services and OCC IT departments to provide subject matter knowledge of a specific adversarial threat/risk, or to assist with remediation path recommendations
  • Participate in “Lessons Learned” process to provide information to help OCC improve practices, methodologies, tools, and other technologies.
  • Participate on various technical committees and provide input and feedback to department.
  • Stay current on emerging technology trends and the threat landscape.
  • Advise IT on current and emerging threats, their attack vectors, and how to mitigate them.
  • Provide leadership, share knowledge and mentor team members.
  • Train full-time and contingent Security Testing Red Team personnel.
  • Support Security Red Team management and activities and be a team player.
  • Perform other duties as assigned.   

Supervisory Responsibilities:

NA

Qualifications:

The requirements listed are representative of the knowledge, skill, and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.

  • High energy, results driven person with an attention to detail.
  • Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions.
  • Exceptional tactical planning skills based on long-term strategic goals.
  • Exceptional verbal/written communication skills to be able to articulate ideas clearly and concisely.
  • Excellent listening skills.
  • Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Social Engineering and Open Source Intelligence, Basic Emissions Testing, Physical Security Testing, and more.
  • Proven due diligence and research ability via open source avenues and technology.
  • Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS).
  • Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management
  • Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed.
  • Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications.
  • Strong knowledge of common enterprise infrastructure technology stacks and network configurations.
  • Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols.
  • Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language.
  • Ability to facilitate meetings and conversations.
  • Ability to work with business users, understand their needs and translate those needs to the final project deliverables.
  • Nice to have experience working on critical infrastructure in a regulated environment

Technical Skills:

  • Strong proficiency in network, application, emissions and physical security.
  • Strong proficiency in social engineering and intelligence gathering.
  • Strong experience with custom scripting (python, powershell, bash, etc.)  and process automation.
  • Strong experience with database security testing (MSSQL, DB2, MySQL, etc.).
  • Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Netsparker, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.).
  • Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
  • Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio).
  • Proficient in basic document management in a Microsoft SharePoint environment.
  • Experience with dedicated document management tools (e.g., DMS, PolicyTech) a plus.
  • Experience with using ServiceNow a plus.

Education and/or Experience:
  • BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired.
  • 3+ Years’ experience penetration testing.
  • 7+ Years’ experience in Information Assurance or Information Security environment.
Certificates or Licenses:
  • Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired.

Step 1
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.  

Step 2
You will receive an email notification to confirm that we've received your application.

Step 3
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location. 

For more information about OCC, please click here.

OCC is an Equal Opportunity Employer

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  44  9  0
Category: PenTesting Jobs

Tags: Audits Automation AWS Azure Bash Burp Suite CISA CISSP Cloud Cobalt Strike COBIT Compliance Computer Science Cryptography Cyber defense Exploit Exploits Ghidra GPEN GSLC GXPN Hashcat Hashing IaaS IDA Pro IT infrastructure Kali MacOS Metasploit MSSQL MySQL Nessus NIST Nmap Open Source OSCE OSCP OSINT PaaS Pentesting PowerShell Python Qualys Red team Risk assessment Risk management SaaS Scripting SharePoint Strategy Threat intelligence UNIX Vulnerabilities Vulnerability management Windows

Perks/benefits: Career development Equity / stock options Health care Home office stipend Medical leave Parental leave Wellness

Region: Remote/Anywhere

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.