Explore
Close
Your acceptance of all cookies will permit robust site functionality. If you don't allow cookies, some features and functionality of OCC's site may not operate as expected. If you do not choose either cookie setting for our site, or if you close this window, this message will continue to display on each page you visit. Cookie settings can be controlled in your Internet browser to automatically reject some forms of cookies. For more details on cookies this site uses, see our OCC Site Cookies page. In addition to using cookies, we retain other information, including your Internet Protocol (IP) address, for the purposes listed in the Privacy Policy.

Associate Principal, IT & Security Risk

About Us

The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.

What We Offer

A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:

A hybrid work environment, up to 3 days per week of remote work

Tuition Reimbursement to support your continued education

Student Loan Repayment Assistance

Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely

Generous PTO and Parental leave

Competitive health benefits including medical, dental and vision

Summary:

The Enterprise Risk Management (“ERM”) department identifies, measures, monitors, and reports risks and exposures across the organization through the Enterprise Risk Management Framework, and specifically through several risk programs, including but not limited to: Enterprise Risk Assessments, Risk Event Analysis, Scenario Analysis, Key Risk Indicators, and Risk Reporting.

The IT & Security Risk Associate Principal will provide critical support to the Executive Director of Operational Risk to evaluate IT and Security risks by assisting with risk assessments and applying aspects of the risk management framework across the process, risk, and control universe. Additionally, the IT & Security Risk Associate Principal will help with the risk assessment program activities, coordinate with other functions (e.g. IT, Security, TPRM, Legal, Compliance, and Internal Audit) and facilitate appropriate ERM governance to ensure alignment to OCC strategy and short-term objectives.

  • Collaborate with IT, Security, TPRM, Legal, Compliance, and Internal Audit to ensure that ERM contributes to strengthening the overall effective management of IT and Security risk across the organization.
  • Lead the OCC’s risk identification and assessment process for IT and Security risks, and verify the consistency and reliability of the associated frameworks and systems.
  • Drive adherence to methodologies, guidance, and standards applicable to risk identification and assessment frameworks.
  • Maintain risk inventories, taxonomies, and other elements supporting IT & Security risk management and compliance activities
  • Lead and execute the IT and Security risk assessment process, while aligning to the risk and control universe, and regulatory requirements and expectations.
  • Generate reports of Archer data for various stakeholders, including regulators.
  • Help automate IT & Security risk oversight.
  • Communicate results of risk assessments to governance committees, business owners, and various levels of leadership.
  • Collaborate on the enhancement and maintenance of ERM program methodologies, policies, procedures, and job aides, including the development of new program activities.
  • Track and update ERM team internal findings, external exam issues, and business area self-identified issues resulting from Enterprise Risk Assessment.

Qualifications/Technical Skills/Education

  • Advanced understanding of IT risk, Security risk, and intermediate understanding of Operational risk.
  • Ability to act as a trusted advisor and provide effective challenge.
  • Certification such as: CISSP, Security+, CSX-P, CET, CISA or CISM strongly preferred.
  • Creative, independent thinker, with a willingness to develop and drive new ideas.
  • Excellent written, verbal and presentation skills
  • Must be team-oriented and be able to collaborate effectively in department and cross-departmental efforts.
  • Ability to work under pressure and with tight deadlines.
  • Familiarity with Financial Market Utilities; securities and derivatives markets a plus.
  • Ability to work in a highly regulated environment, including with the SEC, CFTC, and Federal Reserve; Familiarity with the Covered Clearing Agency regulations a plus.
  • Microsoft Office proficiency including advanced Excel, PowerPoint, and Word
  • Experience with eGRC systems (e.g., Archer).
  • 4-6 years’ experience in enterprise risk, technology risk, security risk, or risk consultancy, specifically with focus on assessing IT and Security risk.
  • Big 4 consulting experience a plus.
  • Bachelor’s Degree in Information Systems, Computer Science (or equivalent) preferred.
  • Technology or Security certification (preferred)

Step 1
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.  

Step 2
You will receive an email notification to confirm that we've received your application.

Step 3
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location. 

For more information about OCC, please click here.

OCC is an Equal Opportunity Employer

Apply About OCC
  • REQ-2207
  • Chicago - 125 S Franklin
  • Full Time Regular
  • Posted: Sep. 22, 2021

How to Apply

Step 1 - When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.

Step 2 - You will receive an email notification to confirm that we've received your application.

Step 3 - If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.

OCC is an Equal Opportunity Employer

Numerous studies have shown that people from groups that are traditionally under-represented in financial services apply to jobs only if they believe they meet 100% of the requirements. We want to break down this mindset to further diversify our workforce.

We encourage you to review our open positions and apply if you think your experience may be a match, even if you do not meet all of the qualifications. Your perspective may be an element we need to continue building innovative solutions to support the markets and market participants we serve.

OCC is a globally recognized entity that clears a multitude of diverse and sophisticated products. We want to reflect this in the diversity of our workforce.

This web site discusses exchange-traded options issued by The Options Clearing Corporation. No statement in this web site is to be construed as an endorsement, recommendation or solicitation to purchase or sell a security, or to provide investment advice. Options involve risk and are not suitable for all investors. Prior to buying or selling an option, a person must receive a copy of the disclosure document, Characteristics and Risks of Standardized Options. Individuals should not enter into option transactions until they have read and understood this document. To obtain copies, contact your broker, any exchange on which options are traded, or The Options Clearing Corporation, 125 S. Franklin Street, Suite 1200, Chicago, IL 60606 ([email protected]).