Network Security Engineer

About the Role:

Design and Implementation:

• Design, plan, and implement secure network architectures, including firewalls, VPNs (Virtual Private Networks), intrusion detection/prevention systems (IDS/IPS), web application firewalls (WAF), and other security solutions.
• Configure and optimize network security devices and software (routers, switches, firewalls, load balancers, etc.) to ensure maximum security and performance.
• Develop and implement security policies, procedures, and guidelines based on industry best practices and compliance requirements (e.g., ISO 27001, NIST, GDPR).
• Collaborate with other IT teams (network, server, development) to integrate security into new and existing systems and applications.

Vulnerability Management and Testing:

• Conduct regular vulnerability assessments and penetration testing to identify weaknesses and potential security gaps in the network infrastructure.
• Perform security reconnaissance to gather intelligence on potential threats and vulnerabilities.
• Analyze security scan results and lead remediation efforts for identified vulnerabilities.
• Stay up-to-date with emerging threats, vulnerabilities, and attack vectors to proactively advise and guide the organization on necessary security upgrades and patches.

Security Monitoring and Incident Response:

• Continuously monitor network activity, security logs (SIEM), and alerts for suspicious behavior, anomalies, and potential security incidents.
• Investigate and respond to security incidents, including data breaches, malware infections, phishing attempts, and unauthorized access.
• Develop and maintain incident response plans and disaster recovery procedures to ensure quick recovery from security events.
• Perform forensic analysis in the event of a security breach to determine the root cause and extent of the damage.

Maintenance and Operations:

• Perform regular maintenance, updates, and patching of network security hardware and software.
• Manage identity and access management (IAM) policies to prevent unauthorized access to sensitive data and systems.
• Maintain and manage security configurations for servers, switches, and other network devices.
• Ensure proper and regular maintenance of web and email security protocols.

Collaboration and Documentation:

• Collaborate with cross-functional teams to align security policies with organizational goals and industry standards.
• Provide training and guidance to employees on cybersecurity best practices and security awareness.
• Document network security configurations, processes, and incident reports.
• Interface with external vendors for security assessments, audits, and product evaluations.

Required Skills and Qualifications:

Technical Skills:

• In-depth knowledge of network protocols (TCP/IP, DNS, DHCP, etc.).
• Strong understanding of network security concepts, including firewalls, VPNs, IDS/IPS, WAF, DLP, antivirus, endpoint security, and SIEM.
• Experience with various network security technologies and vendors (e.g., Cisco, Palo Alto Networks, Fortinet, Check Point).
• Proficiency in network troubleshooting and analysis tools (e.g., Wireshark, Snort).
• Familiarity with operating systems (Windows, Linux) and virtualization technologies.
• Knowledge of scripting languages (e.g., Python, PowerShell) for automation is a plus.
• Understanding of cloud security principles and practices (AWS, Azure, GCP) is increasingly important.

About OSTTRA

Candidates should note that OSTTRA is an independent firm, jointly owned by S&P Global and CME Group.  As part of the joint venture, S&P Global provides recruitment services to OSTTRA - however, successful candidates will be interviewed and directly employed by OSTTRA, joining our global team of more than 1,200 post trade experts.

OSTTRA was formed in 2021 through the combination of four businesses that have been at the heart of post trade evolution and innovation for the last 20+ years:  MarkitServ, Traiana, TriOptima and Reset.  OSTTRA is a joint venture, owned 50/50 by S&P Global and CME Group.

 With an outstanding track record of developing and supporting critical market infrastructure, our combined network connects thousands of market participants to streamline end to end workflows - from trade capture at the point of execution, through portfolio optimization, to clearing and settlement.

Joining the OSTTRA team is a unique opportunity to help build a bold new business with an outstanding heritage in financial technology, playing a central role in supporting global financial markets. 

Learn more at www.osttra.com.

What’s In It For You?

Benefits:

We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global.

Our benefits include: 

• Health & Wellness: Health care coverage designed for the mind and body.

• Flexible Downtime: Generous time off helps keep you energized for your time on.

• Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.

• Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.

• Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.

• Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.

For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries

Recruitment Fraud Alert:

If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to reportfraud@spglobal.com. S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, “pre-employment training” or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here.

-----------------------------------------------------------

Equal Opportunity Employer

S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law.  Only electronic job submissions will be considered for employment.  

 

If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.  
 
US Candidates Only:  The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.  Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf

-----------------------------------------------------------

20 - Professional (EEO-2 Job Categories-United States of America), BSMGMT203 - Entry Professional (EEO Job Group)