Lead Associate Principal, Cyber Defense

OCC, Chicago, IL
$132,500 - $218,300, Hybrid

About The Position

Lead the charge in protecting our organization from evolving cyber threats. As Lead Associate Principal, Cyber Defense, you'll drive the analysis of threats and vulnerabilities, lead a team of security professionals, and own the strategy for how we defend our enterprise. You'll take initiative to launch and lead security projects — assembling teams to remediate threats, incidents, and compliance gaps — while sharpening how we monitor third-party feeds and forums for emerging risks. You'll also guide regulatory compliance from documentation through testing and report key metrics directly to senior leadership. If you want a role where your leadership and expertise shape an organization's entire security posture, this is it.

Requirements

  • Proven team leadership and project management skills, with the initiative to drive solutions across diverse skillsets and work independently or with local/remote staff, vendors, and consultants.
  • Skilled in security assessments and control implementation based on standards like NIST, COBIT, ISO, ITIL, and the NIST Cybersecurity Framework.
  • Strong oral and written communication, analytical, and judgment skills, with the ability to engage effectively with all levels of management in both formal and informal settings.
  • Demonstrated proficiency in implementing and maintaining security platforms (Splunk, CrowdStrike, Symantec DLP) and vulnerability assessment tools (Qualys, Nessus, nmap), including incident response playbook development and remediation management.
  • Proficiency with network sniffers/packet tracing tools (Ethereal, tcpdump, etc.), preventative/detective technologies (EDR, network-based analysis), and Web Application Firewalls.
  • Strong background in encryption technologies (PGP, PKI, X.509) and directory services/LDAP security (Active Directory, CA Directory).
  • Experience across client/server platforms (Solaris, Windows, Linux) and OS hardening procedures, plus proxy/caching services.
  • Knowledge of LAN/WAN routing and high availability protocols (OSPF, BGP4/iBGP, EIGRP, NSRP), cloud security tools (AWS, Azure, GCP), and SOAR tools/concepts.
  • Some experience scripting and leveraging APIs to integrate security monitoring tools, with knowledge of Generative and Prompt AI.
  • Minimum five years of hands-on security operations experience, including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming Languages.
  • Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
  • Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure.
  • Industry knowledge of leading-edge security technologies and methods.
  • Shift work and working in an on-call response capacity are required, including availability for 24 x 7 on-call support responsibilities.

Nice To Haves

  • Previous people/project management experience is a plus.

Responsibilities

  • Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
  • Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.
  • Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures.
  • Develop and support briefings to OCC senior management as a trusted incident responder.
  • Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives.
  • Lead the systems management team to operationalize remediation efforts for identified gaps.
  • Develop and implement security monitoring roadmaps for OCC technologies, applications, SaaS, and other cloud-hosted solutions. These roadmaps will direct efforts on implementation of monitoring use cases and measurement of monitoring capabilities.
  • Manage, implement, and validate security monitoring use cases, mapping to frameworks, technical configuration for security tools, etc.
  • Serve as subject matter expert on security tools including appliances, hosted systems, and SaaS, including health checks, version updates, and content development.
  • Validate content changes to security tools are appropriate from other analysts and teams.
  • Report on and enhance current metrics surrounding security tool capabilities and efficacy.
  • Serve as subject matter expert in the systems lifecycle, performing upgrades, implementing new technologies, and identifying enhancements.
  • Confer with and advise subordinates on administrative policies and procedures, technical problems, priorities, and methods.
  • Advise management on selecting and scheduling employee training classes, conferences, and seminars.

Benefits

  • A hybrid work environment, up to 2 days per week of remote work
  • Tuition Reimbursement to support your continued education
  • Student Loan Repayment Assistance
  • Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
  • Generous PTO and Parental leave
  • Competitive health benefits including medical, dental and vision
  • 401k Employer Match