Associate Principal, Security Engineering (PAM) at OCC
OCC is the world's largest equity derivatives clearing organization and a key player within the US Financial markets. As the company moves further along its journey into a Cloud-based infrastructure environment and leveraging of modern Infrastructure as Code practices, we are looking for engineers seeking highly complex and challenging work focused on continuously improving our security posture.
As Associate Principal, Security Engineering, you will perform a range of activities required to both maintain, support and engineer a large, hybrid cloud and on-premises computing environment. You will also work with other internal departments to support their requests and provide Privileged Account Management (PAM) subject matter expertise. This will involve utilizing best practices for the management, architecture, configuration, DR, administration, and automation of the environment.
The ideal candidate will have strong attention to detail, be motivated to collaborate with stakeholders across Security and IT teams and keep current on regulatory/compliance demands on our company (e.g. CIS, NIST, etc).
Primary Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. • Provide expert knowledge to the organization for all components of and enterprise grade PAM deployment, including CyberArk and Hashicorp Vault infrastructures.
• Recommend best practices for application and/or architecture requirements.
• Provide advanced system administration, operational support and problem resolution for a large complex environment.
• Manage and administer systems lifecycle for the systems and data stored within.
• Implement production changes during defined maintenance windows and support on call rotation
• Write and maintain documentation of relevant operating procedures and processes.
• Oversee completion and fulfillment of key project requirements and responsibilities to include oversight of project goals and timelines, fulfillment of expertise during review board, and end to end process management of internal and external vendor support.
The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
• Good consultative, communication, team player and analytical skills are a must, as you will be regularly interacting between various teams.
• Relevant experience with PAM deployment, maintenance, and optimization in a corporate environment.
• Ability to work within a fast-paced environment with short timelines and work well under pressure.
• Hands-on experience with CyberArk, AIM, PSM, Hashi Vault, and Terraform.
• Working knowledge of infrastructure design and components, such as servers, operating systems, networks, and storage
• Hands-on experience with preparing detailed architecture, design documents, authoring related policies to privileged account management including NIST Framework and other control standards.
Education and/or Experience:
• Advanced degree, preferably in a technical discipline (Computer Science, Engineering, Mathematics, etc.) and relevant IT systems experience inPAM, or equivalent combination of education and experience required
Certificates or Licenses:
• CyberArk Defender / Solutions Delivery
• HashiCorp Cloud Engineer
• Or other relevant certifications to privileged identity or management