Who We Are
The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.
What We Offer
A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:
A hybrid work environment, up to 3 days per week of remote work
Tuition Reimbursement to support your continued education
Student Loan Repayment Assistance
Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
Generous PTO and Parental leave
Competitive health benefits including medical, dental and vision
What You'll Do
The Compliance Department is organized into two functional areas, with each having a distinct role in carrying out the department’s mission in a highly regulated environment. The Director of Regulatory Compliance (IT and Security Services) reports directly to the Executive Director, Regulatory Compliance and works in conjunction with that person to oversee the regulatory compliance advisory program covering the following areas: Information Technology and Security Services.
Primary Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
In conjunction with the Executive Director, Regulatory Compliance, identify and establish processes (including policies and procedures), controls and tools required to provide regulatory advisory services for the IT and Security Services departments.
Provide regulatory advisory services spanning highly technical subject matter areas concerning information technology (including governance, networking, cloud architecture, containerization and agile delivery etc.), security services (including threat & vulnerability management, data & information management, data loss & privacy, security operations etc.) and other related areas.
Provide guidance to first line of defense (business units) related to effective demonstration of compliance with regulatory obligations covering their areas.
Provide guidance to the business on the development and implementation of effective remediation plans to address internal or external findings.
Assist business units with the identification, understanding, and development of processes, policies, procedures, and controls that effectively demonstrate compliance with regulatory obligations.
Assist the compliance monitoring program in support of providing frequent and highly professional reports to the CCO, executive management, and the Board of Directors.
Interact and communicate in a highly effective, professional, and insightful manner with business colleagues within the company, as well as regulators, clearing members and other third parties.
Exhibit and foster a strong compliance culture across all staff members.
Exhibit and foster strong collaboration across OCC’s control functions (i.e., internal audit, enterprise risk management, compliance, model validation).
Assist in the writing of the annual compliance report, as well as other ad hoc and regularly occurring reports.
Keep abreast of changes in regulatory environment and industry best practices/frameworks (i.e., NIST, COBIT, ISO, etc.).
Identify, hire, and manage the staffing resources for the Regulatory Compliance (IT and Security Services) team.
Provide ongoing constructive feedback for staff members, including as part of performance reviews.
Develop and foster a high-performing culture that provides learning and continuous improvement opportunities for staff.
The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
8+ years of compliance and/or technology and security experience.
Strong working knowledge of securities and commodities rules and regulations. (i.e., SEC, CFTC, etc.).
Strong working knowledge of compliance related best practices.
Experienced in risk and control frameworks, and process improvement frameworks (e.g. COBIT, COSO, ITIL, NIST, ISO 27001, ISO 9001, CMMI).
Experienced with Systems Development Life Cycle (SDLC) process (Waterfall & Agile).
Strong working knowledge of the financial industry.
Strong working knowledge of IT and Information Security practices including IT Governance, architecture, cloud computing, networking, data & information management, security operations, Agile delivery etc.
Excellent organizational and communication skills.
Comprehensive analytical, conceptual and problem-solving skills .
Ability to support the entire Compliance Program, including policy and procedure management, process and control management, testing, monitoring, risk assessment, and findings management.
Ability to manage and prioritize assignments and respond to rapidly shifting priorities.
Ability to work independently and as a member of a team, collaborating with internal business clients at various levels of seniority.
Must be able to work under deadlines and manage multiple tasks.
Proficiency with MS Office software, GRC tools, Document Management tools and reporting tools.
Experience using an integrated risk management system (such as RSA Archer) preferred.
Experience using NAVEX Global and PolicyTech preferred.
Education and/or Experience:
8+ years of experience in IT Compliance, IT, Information Security and/or any combinations of these.
Direct supervisory and managerial experience preferred.
Bachelor’s degree or equivalent degree required in a related discipline (Computer Science, Business Administration, etc.).
Certificates or Licenses:
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
You will receive an email notification to confirm that we've received your application.
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.
For more information about OCC, please click here.
OCC is an Equal Opportunity Employer