Associate Principal, Privileged Access Management (DevOps)
Who We Are
The Options Clearing Corporation (OCC) is the world's largest equity derivatives clearing organization. Founded in 1973, OCC is dedicated to promoting stability and market integrity by delivering clearing and settlement services for options, futures and securities lending transactions. As a Systemically Important Financial Market Utility (SIFMU), OCC operates under the jurisdiction of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the Board of Governors of the Federal Reserve System. OCC has more than 100 clearing members and provides central counterparty (CCP) clearing and settlement services to 19 exchanges and trading platforms. More information about OCC is available at www.theocc.com.
What We Offer
A highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:
A hybrid work environment, up to 2 days per week of remote work
Tuition Reimbursement to support your continued education
Student Loan Repayment Assistance
Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
Generous PTO and Parental leave
Competitive health benefits including medical, dental and vision
As a member Security Engineering you are responsible for applying skills and knowledge to perform specified functions. As part of this team you will take part in automation activities that involve automating the deployment and management of architected security products within an AWS infrastructure. You will engage in automation activities, review of CI/CD design and architecture, and apply industry best practices for deploying infrastructure and configuration management. This position promotes the learning and understanding of security products by Product SME’s while focusing on the automation concepts for Infrastructure-as-code, DevSecOps, configuration management, and specifically infrastructure and integrations within the Security Engineering platform.
Primary Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
Work closely with Security Engineering team to understand business objectives on-premise and all in the cloud architecture to provide requirements for successfully automating deployments.
Work with technical product owners to translate technical capabilities that are achievable and provide requirements or recommendations for automating the deployment of a particular application or component.
Understand the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines.
Perform a security first approach when deploying or integrating products that involve Secrets Management, PKI, Session Management, or authenticated integrations that may expose privileged credentials.
Consult with AWS Security Account, Lambda, auto-remediation, Security Hub, Shared Services, and VPCs that are designed to increase and host security services.
Approach all products and platforms with best practices monitoring techniques.
Support the deployment, maintenance, and improvements with HashiCorp Vault Enterprise architecture based on industry best practices and organization requirements.
Consult with tools surrounding the Kubernetes and containerized ecosystem such as helm, sysdig, and HashiCorp Vault cert manager integration.
Responsible for partnering with product owners, platform automation teams, and infrastructure teams when focused or developing a solution.
Ability to operate in complex operational environments and interact with internal experts required to maintain those environments.
Perform agile best practices and self-motivation to bring a task end-to-end to completion.
Proficient in using scripting and automation skills when converting manual and maintenance functions into fully orchestrated automation.
GitOps, README, and documentation for all code committed and merged.
The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
Hands-on experience with Python, Ansible, Terraform, and YAML packages
Hands-on experience with Terraform Providers and translating to product requirements.
Hands-on experience with Jenkins pipelines for implementing and integrating continuous delivery.
Hands-on experience deploying and maintaining infrastructure in public cloud AWS or Azure/GCP.
Hands-on experience working with Secrets Management best practices within dynamic infrastructure.
Hands-on experience with system monitoring techniques and tools supporting unattended operations.
Working knowledge of Docker/Kubernetes deployment, configuration, scaling and management of containerized applications.
Technical knowledge of Secrets Management and Privileged Access Management on target systems, databases, directories, and applications.
Industry experience implementing DevOps automation in public cloud infrastructure with Terraform and ansible following Infrastructure as Code (Iac) concept.
Self-motivated to learn new products within the Security Engineering stack of products and apply best practices concepts to a dynamic cloud infrastructure.
(Preferred) Hands-on experience with HashiCorp Vault
(Plus) Hands-on experience with Sysdig and containerized security
(Plus) Hands-on experience with CyberArk API
(Plus) Working knowledge of Secrets Management and Privileged Access Management.
Education and/or Experience:
3+ Years of hand-on DevOps or DevSecOps as a primary role. (e.g. Developer environment, GitOps, Version Control, RESTful APIs, and build)
5+ years of hands-on experience working within cloud architecture and deployments.
Certificates or Licenses:
Certification in at least one or more of the following:
AWS Certified Developer
HashiCorp Certified: Terraform Associate
HashiCorp Certified: Vault Associate
DevOps security or related
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
You will receive an email notification to confirm that we've received your application.
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.
For more information about OCC, please click here.
OCC is an Equal Opportunity Employer
- Chicago - 125 S Franklin
- Full Time Regular
- Posted: Mar. 07, 2023
How to Apply
Step 1 - When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
Step 2 - You will receive an email notification to confirm that we've received your application.
Step 3 - If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.
OCC is an Equal Opportunity Employer
Numerous studies have shown that people from groups that are traditionally under-represented in financial services apply to jobs only if they believe they meet 100% of the requirements. We want to break down this mindset to further diversify our workforce.
We encourage you to review our open positions and apply if you think your experience may be a match, even if you do not meet all of the qualifications. Your perspective may be an element we need to continue building innovative solutions to support the markets and market participants we serve.
OCC is a globally recognized entity that clears a multitude of diverse and sophisticated products. We want to reflect this in the diversity of our workforce.