Associate Principal, Security Systems
Who We Are
The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.
What We Offer
A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:
A hybrid work environment, up to 3 days per week of remote work
Tuition Reimbursement to support your continued education
Student Loan Repayment Assistance
Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
Generous PTO and Parental leave
Competitive health benefits including medical, dental and vision
Summary
This position is responsible for driving forward and managing critical projects including the full lifecycle of the project delivery process and in working with OCC Management and cross team collaboration to provide technical guidance on how to fulfill required business objectives and security requirements.
This position will also be responsible for the administration of OCC PKI tools
Primary Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Responsibilities of the role are as follows:
• Manages full lifecycle of critical objectives from start to finish with minimal guidance.
• Works with professional services and consultant staff to cross train and upskill on new technologies.
• Assist in the full deployment of Dynamic Secrets utilizing Infrastructure as Code and development of guides and run books of all processes.
• Continue to support, grow, and assist development of static secrets management and cloud architecture.
• Build integration through Gemalto software for key issuance, retrieval, and lifecycle
Supervisory Responsibilities: • NA
Qualifications:
The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. • Excellent communication, interpersonal, analytical, judgment and management skills.
• Ability to work with customers, internal management, and staff.
• Ability to deal effectively with stressful situations.
• Ability to effectively communicate in both formal and informal review settings with all levels of management.
• Ability to work with local and remote IT staff/management, vendors, and consultants.
• Ability to work independently and possess strong project management skills.
• Requires an in-depth knowledge of security controls and standards around Privileged Account Management including frameworks such as NIST.
• Ability to manage multiple intricate projects with strict deadlines while maintaining best in class work and without degrading security capabilities.
• Ability to functionally serve as Lead across multiple team threads of work and provide subject matter expertise in the required fields.
Technical Skills:
• Experience with CyberArk Privileged Account Management Solution
• Experience with HashiCorp Vault and deployment architecture requirements
• Moderate understanding of AWS architecture, services, and requirements.
• Willingness to train and learn both HashiCorp Coding Language as Terraform Coding and how to tie it into AWS JSON for Infrastructure as Code Deployments.
• Must have understanding of PKI best practices, infrastructure, and moderate understanding of cloud based PKI native services.
• Gemalto HSM – Understanding of both product in relation to being able to manage day to day operations and troubleshoot related issues with physical HSM’s
• KeySecure – Ability to build integration through Gemalto software for key issuance, retrieval, and lifecycle.
• Moderate Understanding of AWS KMS, particularly around security best practices, principles, and methodology.
• Understanding how to navigate the AWS Console and utilize both AWS CLI or AWS API for integration or management of KMS
• Ability to drive progress on PKI detection including for misuse, common vulnerabilities, and potential cyber threats
• Minimal Experience or willingness to learn other Cloud Service Provider Key management software including Azure Key Vault and Google Cloud.
Education and/or Experience:
• Five Years’ Experience with Privileged Account Management theory and processes.
• Five years of experience with leading PAM tools and solutions.
• One-year experience with AWS architecture and services.
Certificates or Licenses:
Certification in at least one or more of the following:
• CyberArk
• HashiCorp
• CISSP
• Security+