Associate Principal, Security Engineering

Who We Are
About Us
The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures, and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.
What We Offer
A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:
A hybrid work environment, up to 2 days per week of remote work
Tuition Reimbursement to support your continued education.
Student Loan Repayment Assistance
Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely.
Generous PTO and Parental leave
Competitive health benefits including medical, dental and vision.
Summary
As a member of the Security Engineering team, you are responsible for applying skills and knowledge to perform functions in public key infrastructure (PKI), Hardware security modules (HSMs), encryption practices, and secrets and privileged access management solutions. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology.
Primary Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.

• Work closely with Security Engineering team to understand business objectives on-premises and all in the cloud architecture to provide requirements for successfully automating deployments.
• Work with technical product owners to translate technical capabilities that are achievable and provide requirements or recommendations for automating the deployment of a particular application or component.
• Understand the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines.
• Perform a security first approach when deploying or integrating products that involve Secrets Management, PKI, Session Management, or authenticated integrations that may expose privileged credentials.
• Consult with AWS Security Account, Lambda, auto-remediation, Security Hub, Shared Services, and VPCs that are designed to increase and host security services.
• Approach all products and platforms with best practices monitoring techniques.
• Support the deployment, maintenance, and improvements with HashiCorp Vault Enterprise architecture based on industry best practices and organization requirements.
• Consult with tools surrounding the Kubernetes and containerized ecosystem such as helm, Sysdig, and HashiCorp Vault cert manager integration.
• Responsible for partnering with product owners, platform automation teams, and infrastructure teams when focused or developing a solution.
• Ability to operate in complex operational environments and interact with internal experts required to maintain those environments.
• Perform agile best practices and self-motivation to bring a task end-to-end to completion.
• Proficient in using scripting and automation skills when converting manual and maintenance functions into fully orchestrated automation.

GitOps, README, and documentation for all code committed and merged
Supervisory Responsibilities:
Qualifications:
The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.

• Hands-on experience with Python, Ansible, Terraform, FastAPI, and YAML packages.
• Hands-on experience with Terraform Providers and translating to product requirements.
• Hands-on experience with Jenkins pipelines for implementing and integrating continuous delivery.
• Hands-on experience deploying and maintaining infrastructure in public cloud AWS or Azure/GCP.
• Hands-on experience working with Secrets Management best practices within dynamic infrastructure.
• Hands-on experience with system monitoring techniques and tools supporting unattended operations.
• Hands-on experience with API development and microservices.
• Working knowledge of Docker/Kubernetes deployment, configuration, scaling and management of containerized applications.
• Technical knowledge of Secrets Management and Privileged Access Management on target systems, databases, directories, and applications.

Technical Skills:

• Industry experience implementing DevOps automation in public cloud infrastructure with Terraform and ansible following Infrastructure as Code (Iac) concept.
• Self-motivated to learn new products within the Security Engineering stack of products and apply best practices concepts to a dynamic cloud infrastructure.
• Experience with API development and microservices.
• (Preferred) Hands-on experience with HashiCorp Vault
• (Plus) Hands-on experience with Sysdig and containerized security
• (Plus) Hands-on experience with CyberArk API
• (Plus) Working knowledge of Secrets Management and Privileged Access Management.

Education and/or Experience:

• 3+ Years of hand-on DevOps or DevSecOps as a primary role. (e.g. Developer environment, GitOps, Version Control, RESTful APIs, and build)
• 5+ years of hands-on experience working within cloud architecture and deployments.

Certificates or Licenses:

• Certification in at least one or more of the following:
  • AWS Certified Developer or other AWS related
  • Certified Kubernetes Administrator
  • HashiCorp Certified: Terraform Associate
  • HashiCorp Certified: Vault Associate
  • DevOps security or related

Step 1
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
Step 2
You will receive an email notification to confirm that we've received your application.
Step 3
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.
For more information about OCC , please click here .
OCC is an Equal Opportunity Employer