Lead Associate Principal, Security Assurance


Chicago
Permanent
USD140000 - USD180000
Cybersecurity
PR/561143_1758059818
Job Title: Lead Associate Principal, Security Assurance

Location: Chicago, IL - Hybrid (3-days on-site per week).

Compensation: $140,000 - $180,000 base salary range + bonus + benefits.

Work authorization: Please note that our client is unable to sponsor employment visas at this time; therefore, we can only consider candidates who are U.S. citizens or current Green Card holders.

Glocomms is partnering with a leading financial services firm to hire a Security Assurance Lead within their Security Services division. This organization plays a vital role in maintaining stability and integrity in the equity derivatives market.

Role Overview:

The Lead Associate Principal, Security Assurance will lead and execute a variety of security assessments, including internal risk evaluations, third-party reviews, and technology onboarding assessments. This role also supports the development and enhancement of security assurance processes, including automation, AI integration, and policy updates.

Key Responsibilities:

  • Plan, conduct, and report on security assessments for internal departments and third-party technologies.
  • Collaborate with engineering and threat intelligence teams to define security requirements for new technologies and proof-of-concepts.
  • Oversee the Security Observation Risk Tracking process, including risk rating, communication, and lifecycle management.
  • Tag security observations using the MITRE ATT&CK framework in collaboration with threat intelligence.
  • Review and approve privilege elevation, proxy exceptions, and firewall requests for Linux servers.
  • Participate in risk intake and acceptance reviews with operational risk teams.
  • Research and recommend updates to risk assessment methodologies and frameworks.
  • Track remediation and validate findings from audits, compliance checks, and regulatory reviews.
  • Explore opportunities to integrate AI into security assurance workflows.
  • Document and enhance process flows in partnership with business operations.
  • Mentor junior analysts and support knowledge transfer.
  • Collaborate with IT to disseminate and train on security requirements.
  • Support project planning and process formalization.

Qualifications:

  • Strong communication, analytical, and judgment skills.
  • Ability to work independently and collaboratively across teams and locations.
  • Deep understanding of IT, risk management, and analytics.
  • Familiarity with frameworks such as COBIT, NIST 800-53, NIST CSF, ISO.
  • Experience with regulatory requirements (e.g., Reg SCI, CFTC 99.18).
  • Proficiency in tools like ServiceNow, Tableau, Archer GRC, Jira, and Confluence.

Education & Experience:

  • Minimum 5 years of hands-on experience in Information Security, preferably in Compliance, Audit, or Risk Management.
  • Bachelor's degree in Computer Science, MIS, Statistics, Mathematics, or equivalent experience.

Certifications (Preferred but not required):

  • GIAC, CISSP, CISA, CISM, CRISC, AWS certifications

Benefits:

  • Hybrid work model with remote flexibility
  • Tuition reimbursement and student loan assistance
  • Technology stipend for remote work setup
  • Generous PTO and parental leave
  • 401(k) employer match
  • Comprehensive health benefits (medical, dental, vision)
