OCC Logo

OCC

Associate Principal, Adversarial Red Team

Posted An Hour Ago
Be an Early Applicant
Hybrid
Chicago, IL, USA
122K-197K Annually
Senior level
Hybrid
Chicago, IL, USA
122K-197K Annually
Senior level
Lead and execute comprehensive Red Team engagements across network, application, cloud, mobile, physical, and social-engineering domains. Develop C2 infrastructure, leverage AI/LLMs, perform threat modeling, validate remediations, produce evidence-based reports, advise stakeholders, support audits, and mentor cross-functional security teams to improve detection and defenses.
The summary above was generated by AI
*****THIS POSITION IS NOT ELIGIBLE FOR VISA SPONSORSHIP*****

To be considered for this position, applications and resumes are accepted only through our careers site by directly applying to the posted job. We do not accept unsolicited resumes or sales solicitations from staffing agencies. Any OCC employee wishing to submit a referral must do so through their Workday account. Any resume submitted outside of an active job posting will not be considered for employment.

What You'll Do:

The Adversarial Red Team Associate Principal is responsible for strengthening OCC's security posture by conducting covert black-box and occasional white-box assessments across network, web application, cloud, mobile, physical, and social engineering domains, while coordinating with Security and IT teams to address and retest remediated findings. Ideal candidates will bring deep expertise in areas such as OSINT, penetration testing, C2 infrastructure development, evasion techniques, and custom scripting, along with strong communication skills and a commitment to staying ahead of emerging threats. All team members are held to the highest standards of ethics, integrity, and accountability, and are expected to foster a collaborative, bar-raising dynamic with OCC's defensive security teams.

Primary Duties and Responsibilities:

To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.

  • Execute comprehensive Red Team simulations including network/application penetration testing, cloud security, social engineering, physical security, mobile testing, and OSINT within defined rules of engagement.

  • Develop and deploy Command and Control (C2) infrastructure using evasion and obfuscation techniques to test and enhance Cyber Defense detection capabilities.

  • Leverage AI/LLM tooling to accelerate offensive research, exploit development, and overall Red Team effectiveness.

  • Conduct ad-hoc white-box testing on pre-production and in-development infrastructure, and validate remediated findings with IT owners.

  • Perform threat modeling, security risk assessments, and independent reviews of OCC's security, network, and applications.

  • Develop clear, evidence-based reports with actionable remediation recommendations and debrief stakeholders on findings.

  • Ensure security controls and testing activities align with applicable regulations, industry best practices, and OCC policies and procedures.

  • Cross-train Red Team members and other Security/IT teams on adversarial threats, attack vectors, and remediation strategies.

  • Stay current on emerging threats, threat intelligence, and attack techniques, advising IT leadership on mitigation approaches.

  • Support audits, contribute to security roadmap development, and mentor team members while fostering a collaborative team environment.

  • Perform other duties as assigned.   

Supervisory Responsibilities:

  • None

Qualifications:

The requirements listed are representative of the knowledge, skill, and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.

  • High energy, results driven person with an attention to detail.

  • Strong enthusiasm to stay up-to-date on Threat Intelligence and learn new adversarial TTPs to simulate on a regular basis

  • Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions.

  • Exceptional tactical planning skills based on long-term strategic goals.

  • Exceptional verbal/written communication skills to be able to articulate ideas clearly and concisely.

  • Excellent listening skills.

  • Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Command and Control (C2) Infrastructure Development, Cyber Defense Evasion techniques, Social Engineering, Open-Source Intelligence, Basic Emissions Testing, Physical Security Testing, and more.

  • Strong working knowledge of Artificial Intelligence (AI) large language models (LLMs) and agentic AI systems – including how autonomous and tool-usig agents, orchestration frameworks, and protocols like Model Context Protocol (MCP) operate – and the ability to evaluate how these technologies can accelerate offensive security tradecraft across reconnaissance, exploit and payload development, adversarial tooling development, and enhance triaging for security findings.

  • Proven due diligence and research ability via open-source avenues and technology.

  • Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS).

  • Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management

  • Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed.

  • Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications.

  • Strong knowledge of common enterprise infrastructure technology stacks and network configurations.

  • Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols.

  • Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language.

  • Ability to facilitate meetings and conversations.

  • Ability to work with business users, understand their needs and translate those needs to the final project deliverables.

  • Nice to have experience working on critical infrastructure in a regulated environment.

Technical Skills:

  • Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing

  • Demonstrated exploit, payload, and attack framework development experience

  • Strong knowledge of EDR detection capabilities such as Crowdstrike/Carbon Black, etc. and associated defense evasion techniques for behavioral based alerting

  • Strong working knowledge of Artificial Intelligence (AI) large language models (LLMs) and agentic AI systems – including how autonomous and tool-usig agents, orchestration frameworks, and protocols like Model Context Protocol (MCP) operate – and the ability to evaluate how these technologies can accelerate offensive security tradecraft across reconnaissance, exploit and payload development, adversarial tooling development, and enhance triaging for security findings.

  • Strong proficiency in social engineering and intelligence gathering.

  • Strong experience with custom scripting (Python, Powershell, Bash, etc.)  and process automation.

  • Strong experience with database security testing (MSSQL, DB2, MySQL, etc.).

  • Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nighthawk, Nmap, Qualys, Nessus, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Ida Pro, Ghidra, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Yersinia, Impacket, etc.).

  • Track record of vulnerability research and CVE assignments

  • Knowledge of Windows APIs and Living off the Land (LOL) Binaries

  • Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.

  • Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio).

  • Proficient in basic document management in a Microsoft SharePoint environment.

  • Experience with dedicated document management tools (e.g., DMS, PolicyTech) is a plus.

  • Experience with using ServiceNow is a plus.

Education and/or Experience:

  • BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required

  • 3+ Years’ experience of Penetration testing

  • 5+ Years’ experience in Information Assurance or Cybersecurity work environments

Certificates or Licenses:

  • Security-related certifications (OSCP, OSWE, OSCE, GPEN, GXPN, GWAPT, ARTE, etc.) highly desired.

About Us

The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.

Benefits

A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:

  • A hybrid work environment, up to 2 days per week of remote work
  • Tuition Reimbursement to support your continued education
  • Student Loan Repayment Assistance
  • Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
  • Generous PTO and Parental leave
  • 401k Employer Match
  • Competitive health benefits including medical, dental and vision

Visit https://www.theocc.com/careers/thriving-together for more information.

Compensation

  • The salary range listed for any given position is exclusive of fringe benefits and potential bonuses. If hired at OCC, your final base salary compensation will be determined by factors such as skills, experience and/or education.
  • In addition, we believe in the importance of pay equity and consider internal equity of our current team members as part of any final offer.
  • We typically do not hire at the maximum of the range in order to allow for future and continued salary growth. We also offer a substantial benefits package as noted on www.theocc.com/careers
  • All employees may be eligible for a discretionary bonus. Discretionary bonuses are based on various factors, including, but not limited to, company and individual performance and are not guaranteed.

Salary Range

$121,900.00 - $197,100.00

Incentive Range

8% to 15%

This position is eligible for an annual discretionary incentive compensation award, for which the target range is listed above (see Incentive Range). The amount of such award, if any, will be based on various factors, including without limitation, both individual and company performance.

Step 1
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.  

Step 2
You will receive an email notification to confirm that we've received your application.

Step 3
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location. 

For more information about OCC, please click here.

OCC is an Equal Opportunity Employer

HQ

OCC Chicago, Illinois, USA Office

Adjacent to the Willis Tower, close to CTA, Metra and expressways with plenty of food and entertainment options nearby.

Similar Jobs at OCC

An Hour Ago
Hybrid
Chicago, IL, USA
143K-229K Annually
Senior level
143K-229K Annually
Senior level
Big Data • Cloud • Fintech • Information Technology • Financial Services
Lead adversarial red team operations by designing and executing covert red team simulations across network, application, cloud, mobile, physical, and social domains. Develop C2 infrastructure, use AI/LLMs to accelerate offensive tradecraft, perform threat modeling and risk assessments, validate remediations, produce evidence-based reports, mentor junior staff, and ensure alignment with regulations and security best practices.
Top Skills: Ai/LlmsArmitageAWSAzureBashBettercapBloodhoundBurp SuiteC2 InfrastructureCarbon BlackCiscoCobalt StrikeCrackmapexecCrowdstrikeDb2DmsEttercapExcelExploit-DbGhidraHashcatIaasIda ProImpacketKalimacOSMainframeMetasploitMicrosoft WordMimikatzModel Context Protocol (Mcp)MssqlMySQLNessusNighthawkNmapOsintPaasPolicytechPowerPointPowershellPythonQualysRecon-NgRubeusSaaSServicenowSharepointSublist3RUnixVisioWindowsWiresharkYersinia
An Hour Ago
Hybrid
Chicago, IL, USA
93K-154K Annually
Senior level
93K-154K Annually
Senior level
Big Data • Cloud • Fintech • Information Technology • Financial Services
Perform Tier 2 security monitoring, advanced log and network analysis, and incident response. Investigate escalated incidents, contain and remediate threats, develop IR/SOAR playbooks, collaborate with threat intelligence and IT teams, mentor Tier 1 analysts, and support continuous SOC process improvements.
Top Skills: Active DirectoryAWSAzureCa DirectoryCortex XsoarCrowdstrikeEdrEntra IdExcelFirewallsFortisoarGCPIbm QradarIds/IpsLinuxLogrhythmMicrosoft DefenderMs ProjectMs WordNessusNmapProxy ServersQualysSentineloneSIEMSoarSplunkSplunk SoarSun SolarisVisioWeb Application FirewallWindows
An Hour Ago
Hybrid
Chicago, IL, USA
113K-187K Annually
Mid level
113K-187K Annually
Mid level
Big Data • Cloud • Fintech • Information Technology • Financial Services
Perform advanced security monitoring and incident response as a Tier 2 analyst: investigate complex incidents, contain and remediate threats, develop playbooks, collaborate with threat intelligence and IT teams, mentor Tier 1 analysts, and contribute to SOC process improvements and post-incident reviews.
Top Skills: Active DirectoryAPIsAWSAzureCa DirectoryCortex XsoarCrowdstrikeEntra IdExcelFirewallsFortisoarGCPIbm QradarIds/IpsLinuxLogrhythmMicrosoft DefenderMs WordNessusNmapProjectProxy ServersQualysSentineloneSolarisSplunkSplunk SoarVisioWeb Application FirewallsWindows

What you need to know about the Chicago Tech Scene

With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.

Key Facts About Chicago Tech

  • Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
  • Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
  • Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
  • Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account