Your acceptance of all cookies will permit robust site functionality. If you don't allow cookies, some features and functionality of OCC's site may not operate as expected. If you do not choose either cookie setting for our site, or if you close this window, this message will continue to display on each page you visit. Cookie settings can be controlled in your Internet browser to automatically reject some forms of cookies. For more details on cookies this site uses, see our OCC Site Cookies page. In addition to using cookies, we retain other information, including your Internet Protocol (IP) address, for the purposes listed in the Privacy Policy.

Manager, Internal Audit Information Technology & Security

The Options Clearing Corporation (OCC), the world’s largest equity derivatives clearinghouse, is seeking a Manager, Internal Audit Information Technology & Security. The Manager will provide leadership across the department in support of the strategic goals of the audit function.  This role will present comprehensive audit reports summarizing key risks, including providing expert consultative guidance to senior management for a complex technology environment, develop and maintain effective relationships and support management in achievement of their goals.  In addition, the Manager may interface with the Securities and Exchange Commission (SEC), Commodity Futures Trading Commission (CFTC), Financial Industry Regulatory Authority (FINRA) and external auditors.


The Manager, Internal Audit Information Technology & Security responsibilities will be aligned, but not limited to, four pillars:


  • Ability to clearly articulate professional principles and standards (i.e., AICPA, IIA IPPF, COBIT, NIST CSF, etc.) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls.
  • Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices.
  • Keeping current on best practices and emerging risks in IT, information security, and cyber security within the financial services industry and making recommendations for improvements, as necessary.
  • Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education.


  • Aid in the development of the comprehensive audit plan on an annual basis for administration of several IT or information security audits held simultaneously.  
  • Defining and leading the execution of audit projects in accordance to the annual audit plan.  
  • Owning the audit quality, accuracy of results, delivery within budget, and in a timely manner.
  • Leading audits related to organization changes including requirements definitions, technology implementations, engagement, and alignment of change initiatives to business objectives.


  • Participate in the development and execution of a comprehensive risk-based annual audit plan.
  • Lead and implement strategic initiatives related to new audit programs/processes, technology, or other initiatives. 
  • Planning, leading and reporting for risk-based and special request audit assignments.
  • Proactively identifying regulatory, IT, information security, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership.
  • Developing, maintaining, and strengthening effective relationships with IT, business groups and leadership and partnering with management.

Team Development

  • Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation.  
  • Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.  Act as a mentor and ensure that staff has a solid understanding of auditing procedures to conduct the audit.


  • Exceptional customer service and collaboration skills required.   Strong analytical and verbal/written communication skills required. 
  • Demonstrated success in leading audit projects and implementing audit best practices in a complex technology environment for application systems development and infrastructure support.  Demonstrated success in identifying IT and security risks in complex technology environment and implementing controls/processes to mitigate the risks.
  • Strong working knowledge of the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA).
  • Demonstrated ability to analyze data, evaluate facts, and summarize and present clear and concisely in both oral and written context to senior leadership.
  • Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions.
  • Ability to manage a complex audit plan and lead the team, prioritizing multiple audit assignments to simultaneously complete each timely with high quality.
  • Strong problem solving and analytical capabilities.
  • Ability to understand the interaction between complex technology, business processes, and the associated impact on the ability to comply with regulations.
  • Strong proficiency using Archer or other audit or Governance Risk and Compliance software.
  • Bachelor’s degree (or equivalent) in Information Technology, Accounting, Finance, Business Administration, or related field.
  • Experience working in a complex, fast paced environment required.
  • Consulting/accounting firm experience is a plus.
  • Experience in Financial Services/Security Industry and working with regulatory organizations such as: SEC, CFTC, and/or FINRA required.
  • Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or similar certification is required.
  • At least 4 years of experience leading IT risk-based audits and projects, and IT process reviews.

Step 1
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.  

Step 2
You will receive an email notification to confirm that we've received your application.

Step 3
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location. 

For more information about OCC, please click here.

OCC is an Equal Opportunity Employer

Apply About OCC
  • REQ-1832
  • Chicago - 125 S Franklin
  • Full Time Regular
  • Posted: Oct. 22, 2020

How to Apply

Step 1 - When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.

Step 2 - You will receive an email notification to confirm that we've received your application.

Step 3 - If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.

OCC is an Equal Opportunity Employer

This web site discusses exchange-traded options issued by The Options Clearing Corporation. No statement in this web site is to be construed as an endorsement, recommendation or solicitation to purchase or sell a security, or to provide investment advice. Options involve risk and are not suitable for all investors. Prior to buying or selling an option, a person must receive a copy of the disclosure document, Characteristics and Risks of Standardized Options. Individuals should not enter into option transactions until they have read and understood this document. To obtain copies, contact your broker, any exchange on which options are traded, or The Options Clearing Corporation, 125 S. Franklin Street, Suite 1200, Chicago, IL 60606 ([email protected]).