Options Clearing Corporation

Associate Principal, Security Assurance

Options Clearing Corporation$116K — $158K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of hands-on experience in Information Security, preferably in Compliance, Audit, or Risk Management
  • Bachelor's degree in relevant fields or equivalent experience
  • Strong analytical and collaborative skills
  • Effective communication and sound judgment abilities
  • Advanced knowledge of frameworks like COBIT and NIST standards
  • Familiarity with regulatory requirements relevant to OCC
  • Experience with tools such as ServiceNow and Jira

Responsibilities

  • Conduct Security risk assessments for third parties and technologies
  • Collaborate with cross-functional teams to establish security requirements for new technology onboarding
  • Oversee the Security Observation Risk Tracking process and manage risk observations
  • Review configuration monitoring compliance for Windows and Linux systems
  • Approve privilege elevation requests for Linux servers
  • Prepare monthly reporting metrics for executive audiences
  • Assist in team request intake and risk management processes

Benefits

  • Hybrid work environment with up to two days of remote work
  • Tuition reimbursement for continued education
  • Student loan repayment assistance
  • Technology stipend for remote work equipment
  • Generous paid time off and parental leave
  • 401k employer match
  • Comprehensive health benefits including medical, dental, and vision
Full Job Description
*****THIS POSITION IS NOT ELIGIBLE FOR VISA SPONSORSHIP*****

To be considered for this position, applications and resumes are accepted only through our careers site by directly applying to the posted job. We do not accept unsolicited resumes or sales solicitations from staffing agencies. Any OCC employee wishing to submit a referral must do so through their Workday account. Any resume submitted outside of an active job posting will not be considered for employment.

What You'll Do:

The Associate Principal, Security Assurance is responsible for conducting various Security assessments, including collaboration with other Security teams to assess risk and requirements for new technology onboarding and PoCs, Third Party Security Assessments to support OCC's Third Party Risk Management team, assisting with oversight of the Security Observation Risk Tracking process, and special risk assessments as requested by Security leadership. This position includes supporting other Security Assurance team members in the development of these various risk assessments listed above.

Secondary responsibilities include assisting with oversight of configuration monitoring for CIS Benchmark control compliance on Windows/Linux platforms including new asset builds, preparation of monthly reporting metrics and materials for Security Assurance processes, assisting with management of team request intake, and assisting with review of risk observations, risk action plans, and risk acceptances from Operational Risk Management processes.

Primary Duties and Responsibilities:

To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
  • Conducting Security risk assessments of OCC third parties and technologies
  • Collaborate with the Security Engineering & Technology Integration and Threat Intelligence teams to assess risk and set security requirements for new technology onboarding and PoCs
  • Assist with oversight of the Security Observation Risk Tracking process which includes processing security observations nominated from various sources, assessing risk ratings for observations, communicating observations to risk owners, and managing the observation lifecycle
  • Participate in Security review and oversight of configuration monitoring process for Windows and Linux platforms including review of compliance reports for new asset builds and operating system base images
  • Participate in Security review and approval of Linux server privilege elevation requests
  • Prepare monthly reporting metrics and materials related to the Security Observation Risk Tracking process for inclusion with other reporting targeted at executive and Board audience
  • Assist with team request intake such as reviewing new technology requests for risk assessment applicability
  • Participate in Security review and approval of Risk Intake, Risk Action Plan, and Risk Acceptance records managed by the Operational Risk Management & Controls team
  • Assist with other Security Assurance Program efforts including but not limited to tracking of remediation and validation of audit, compliance, and regulatory findings as needed.
  • Assist Security Analysts, transferring technical and risk management knowledge
  • Perform other duties as assigned


Supervisory Responsibilities:
  • None


Qualifications:

The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
  • Effective oral and written communication, analytical, judgment and collaboration skills.
  • Analytical skills to successfully analyze, model, and present complex risk assessments
  • Ability to work independently and effectively with local and remote OCC staff, management, vendors, and consultants while exercising sound judgment
  • Strong understanding of information technology, risk management concepts, and analytics
  • Possesses critical OCC values (i.e., fact based, collaborative, credibility/trust and judgment).


Technical Skills:
  • Advanced understanding of information related frameworks and standards such as COBIT, NIST 800-53, NIST CSF, ISO etc.
  • Experience in security risk management principles and practices.
  • Experience in working with regulatory frameworks and requirements relevant to OCC such as, Reg SCI, CFTC 99.18, etc.
  • Experience working in ServiceNow, Tableau, Archer GRC, Jira, and Confluence


Education and/or Experience:
  • 5 years hands-on Information Security experience, preferably within previous work in Compliance, Audit, Risk Management, or Security.
  • Bachelor's degree in Computer Science, Management Information Systems, Statistics & Quantitative Modeling, Mathematics a plus or the equivalent combination of education and/or relevant experience.


Certificates or Licenses:
  • Professional network and/or security certifications are a plus, but not required (i.e., GIAC, CISSP, CISA, CISM, CRISC, AWS cloud computing)


Benefits

A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:
  • A hybrid work environment, up to 2 days per week of remote work
  • Tuition Reimbursement to support your continued education
  • Student Loan Repayment Assistance
  • Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
  • Generous PTO and Parental leave
  • 401k Employer Match
  • Competitive health benefits including medical, dental and vision


Visit https://www.theocc.com/careers/thriving-together for more information.

Compensation
  • The salary range listed for any given position is exclusive of fringe benefits and potential bonuses. If hired at OCC, your final base salary compensation will be determined by factors such as skills, experience and/or education.
  • In addition, we believe in the importance of pay equity and consider internal equity of our current team members as part of any final offer.
  • We typically do not hire at the maximum of the range in order to allow for future and continued salary growth. We also offer a substantial benefits package as noted on www.theocc.com/careers
  • All employees may be eligible for a discretionary bonus. Discretionary bonuses are based on various factors, including, but not limited to, company and individual performance and are not guaranteed.


Salary Range
$116,100.00 - $158,300.00

Incentive Range
8% to 15%

This position is eligible for an annual discretionary incentive compensation award, for which the target range is listed above (see Incentive Range). The amount of such award, if any, will be based on various factors, including without limitation, both individual and company performance.

Step 1
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.


Step 2
You will receive an email notification to confirm that we've received your application.


Step 3
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.


For more information about OCC, please click here.

About Options Clearing Corporation

The Options Clearing Corporation (OCC) is a clearinghouse for equity options and futures options. It was founded in 1973 and is the world's largest equity derivatives clearing organization. OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC) and the U.S. Commodity Futures Trading Commission (CFTC). The company provides central counterparty (CCP) clearing and settlement services to 16 exchanges and trading platforms for options, financial futures, security futures, and securities lending transactions. OCC is owned by its member firms, which include most of the major options trading firms in the United States. The company's mission is to ensure that the markets it serves are stable, transparent, and fair, and to protect investors and the public interest.
Learn more about Options Clearing Corporation
Size
1,050 employees
Industry

Similar Jobs

More Jobs at Options Clearing Corporation

More Information Technology Jobs

Find similar Associate Principal, Security Assurance jobs: