Executive Director, Security Engineering at OCC
The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.
What We Offer
A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:
A hybrid work environment, up to 3 days per week of remote work
Tuition Reimbursement to support your continued education
Student Loan Repayment Assistance
Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
Generous PTO and Parental leave
Competitive health benefits including medical, dental and vision
The Senior Cyber Security Engineer is responsible for the analysis, design, installation, configuration, maintenance, testing, documentation, support, monitoring, and administration of the information security technology product portfolio in compliance with OCC and applicable Financial Regulator information security policies, standards, and procedures.
Ability to think with a security mindset. The successful candidate has a strong information security and technology background with in-depth knowledge of several key security practice areas to include access control; privileged access management; application security; identity and access management; data security and governance; network security; security architecture; mobile security and various cloud-based security strategies.
Essential Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each primary duty satisfactorily
The key responsibilities of the role are as follows:
- Collect and analyze security requirements from internal customers; reconcile and remediate any conflicts with information security policies and standards.
- Design and test security solutions utilizing existing products in the security engineering portfolio: firewalls, proxy servers, intrusion detection/prevention, data loss prevention, anti-virus, anti-spam, vulnerability scanning, security information and event management.
- Implement security solutions, or work with vendor partners to implement solutions per the organization’s change management process and procedures
- Develop, implement and execute control activities to ensure that security products, processes and procedures are working as intended; remediate any deficiencies detected; providedocumentation and other artifacts.
- Develop and collect metrics that measure the volume and trends of work activities andevents within the security operations capability; provides regular reports to management.
- Assess risks to the confidentiality, integrity and availability of the organization’s information assets; makes risk treatment recommendations to management; researches, evaluates, andrecommends new security products, processes and procedures
- Collaborate with technology teams on deployments requiring the establishment of new backend systems, configurations, or controls.
- Provide security engineering support and expertise to enterprise IT projects that cross multiple platforms and ensure alignment with corporate security architecture.
- Support the creation of and adherence to cybersecurity and information security reference architectures by developing reusable patterns for security.
- Work directly with product and development managers to track and remediate application vulnerabilities
- Thorough knowledge of common security standards to include NIST Cybersecurity Framework, NIST 800-53, ISO 27001, and COBIT and their application within a regulated financial sector institution.
- Experience working with modern perimeter application security systems, host based intrusion detection and prevention systems, stateful firewalls, symmetric and asymmetric encryption systems, and other security technologies relevant to web operations and mobile workforce management
- Maintains knowledge base on high profile, public cyber security breaches and able to quickly understand and articulate their associated actors, exploits and opportunities to improve OCC’s specific defense capabilities.
- Familiarity with distributed, cloud-hosted, service-oriented web applications using modern deployment technologies (Docker, Citrix, VMWare, etc.)
- Ability to articulate the business risk associated with identified security weaknesses to senior management, Board of Directors, and Financial Regulators.
- Manages all members of the Cybersecurity team within Security Services. Assigns personnel to projects, directs their activities and performs personnel actions (hiring, promotions, terminations, etc.)
- Confer with and advise subordinates on administrative policies and procedures, technical problems, priorities and methods.
- Prepare performance expectation plans (PEPs) and monitor progress to satisfy employee and management goals.
- Promote employee development by conducting career-planning sessions with staff and selecting and scheduling employee training classes, conferences and seminars.
The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
- Excellent communication, interpersonal, analytical, judgment and management skills.
- Ability to work with customers and internal management and staff.
- Ability to deal effectively with stressful situations.
- Proven ability to lead and motivate staff.
- Ability to effectively communicate in both formal and informal review settings with all levels of management.
- Ability to work with local and remote IT staff/management, vendors and consultants.
- Ability to work independently and possess strong project management skills.
In-depth understanding of:
- SIEM (ArcSight, IBM Qradar, McAfee NitroSecurity, etc.) solutions
- Forensic analysis tools (MIR, EnCase, FTK)
- Malware analysis tools (dynamic and static)
- Vulnerability assessment tools (Qualys, ISS Scanner, Nmap, Nessus, Nexpose etc.)
- Secure Web Gateway (BlueCoat, Microsoft Forefront) solutions
- Network sniffers and packet tracing tools (DSS, Ethereal and tcpdump, WireShark).
- Intrusion Detection & Prevention Tools such as SNORT/Sourcefire, Palo Alto, etc.)
- Encryption technologies (PGP, PKI and X.509)
- Experience with Active Directory security, including scans, best practices and security configuration.
- Experience with Application Security controls including design, dynamic scans, static code analysis.
- Complete knowledge of dynamic Incident Reponses process, procedures and tools
- Identity and access management (I&AM) experience with Active Directory, NTFS permissions, LDAP and Single Sign On (SSO) solutions.
- Proxy and caching services
- Client/server platforms including Sun Solaris, Windows, Linux
- Operating system hardening procedures (Solaris, Linux, Windows, etc.)
- LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP)
- Fundamental understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory
- Application and database security experience, including code reviews.
- Network and security engineering experience, including log and network traffic capture analysis.
- Experience with system hardening procedures for Windows, Linux, UNIX.
- Security policy, standards, governance, privacy or regulatory experience (e.g., NIST, ISO, HIPAA, PCI).
- Knowledge of BYOD and Mobile Device Management platforms.
- Knowledge of programming and scripting for development of security tools and industry frameworks.
- Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.).
Education and/or Experience:
- Bachelors degree in Computer Science, MIS or related discipline
- 15+ years of experience in security environment management or 10 years equivalent combination of education and work experience
- 5+ years of experience managing people and projects
- Experience managing multiple, simultaneous projects
- Track record of successful experiences with senior level representation and team building skills
- Senior level knowledge of the cyber security industry and measures/techniques applied to both measure and reduce risk
- Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies and motives.
- Familiarity with computer network exploitation and network attack methodologies and understanding of the relationship these activities have with the Financial Services industry and critical infrastructure.
- Previous military, law enforcement, or national security experience. Government Security Clearance is a plus.
Certificates or Licenses:
- Professional network and/or security certifications a plus (i.e., GIAC, CISSP, CISA, CISM, CRISC)