Associate Principal, Security Architecture

What You'll Do:
 

As a member of the Security Architecture team you will be responsible for the architecture of the security controls environment in the cloud and on-premise and ensuring that security requirements are met in OCC systems design and implementation. This position is expected to lead and problem solve in all phases of the security architecture lifecycle, including contributions to departmental strategy.  Position will require cross-department collaboration with Security Services teams and security partners in Information Technology and Project Management.

Secondary responsibilities include defining requirements and scope and objectives for application security, control validation and adversarial testing. Tertiary responsibilities include contribution to automation, streamlining, and modernization of security operational and oversight processes.

Primary Duties and Responsibilities:

To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.

• Key contributor to strategy for security technological and oversight modernization; work with IT architecture and implement functions to ensure that systems conform to security requirements

• Conduct architectural Security control validation testing processes

• Define security requirements aligned with current threat intelligence and industry standards such as the NIST CSF, CSA, OWASP

• Reviewing current system security measures and recommending and implementing enhancements.

• Conduct market surveys of security tooling to identify potential replacements or upgrades to enhance OCC’s security and resilience

• Partnering with IT department to design and implement effective embedded security capabilities

• Drive the maturation and automation of Security information dissemination and oversight processes

• Support Cyber Risk in assessing the effectiveness of planned remediations for identified security defects

• Produce reporting and documentation artifacts for leadership and staff relating to security related activities

• Ensure alignment of security controls and supporting services and related policies and procedures with applicable regulations and industry standard best practices

• Assists Security Analysts, transferring technical and risk management knowledge

• Assist in project planning, program development, and process formalization.

• Perform other duties as assigned

Supervisory Responsibilities

• As a senior member of the department, candidate will provide mentoring and advice to junior members of the Security Services team.

Qualifications:

The requirements listed are representative of the knowledge, skill, and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.

• Excellent oral and written communication

• Analytical skills to successfully analyze, model, and present complex risk assessments and design operationally-effective controls to remediate them

• Ability to work independently and effectively with local and remote OCC staff, management, vendors, and consultants while exercising sound judgment

• Strong understanding of information technology, risk management concepts, and analytics

• Possesses critical OCC values (i.e., fact based, collaborative, credibility/trust and judgment)

Technical Skills:

Advance experience in the following area:

• Design and specification of security control technologies such as IAM, Network Access Controls, PKI, firewalls, IPS

• AWS and cloud-native tools desired; training provided as needed.

• Standards such as COBIT, NIST 800-53, NIST CSF, ISO etc.

• Security risk management principles and practices.

• Regulatory frameworks and requirements relevant to OCC such as, Reg SCI, CFTC 99.18, etc..

Certifications

• Professional security certifications a plus (i.e., AWS, CSA, GIAC, CISSP, CISA, CISM, CRISC)

Education and/or Experience:

• Bachelor degree in Computer Science, Management Information Systems, Statistics & Quantitative Modeling, Mathematics a plus or the equivalent combination of education and/or relevant experience.

• 5-7 years hands-on Information Security architecture or engineering

• Previous work in Compliance, Audit, Risk Management, or Security

About Us

The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.

What We Offer

A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:

• A hybrid work environment, up to 2 days per week of remote work
• Tuition Reimbursement to support your continued education
• Student Loan Repayment Assistance
• Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
• Generous PTO and Parental leave
• Competitive health benefits including medical, dental and vision

Salary Range

141,000.00 - 185,300.00 - 229,700.00 USD Annual

Incentive Range

8% to 15%

Step 1
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.  

Step 2
You will receive an email notification to confirm that we've received your application.

Step 3
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location. 

For more information about OCC, please click here.

OCC is an Equal Opportunity Employer