Technology Security Analyst (Associate)

About the Role:

OSTTRA India

The Role: Application Penetration Tester

The Team: The OSTTRA Technology team is composed of Capital Markets Technology professionals, who build, support and protect the applications that operate our network.  The technology landscape includes high-performance, high-volume applications as well as compute intensive applications, leveraging contemporary microservices, cloud-based architectures.

The Impact: Together, we build, support, protect and manage high-performance, resilient platforms that process more than 100 million messages a day. Our services are vital to automated trade processing around the globe, managing peak volumes and working with our customers and regulators to ensure the efficient settlement of trades and effective operation of global capital markets.

What’s in it for you:

Osttra is seeking an application penetration tester for role Technology Security Analyst (Associate) to join the Global Security team reporting to the Information security and GRC Director.

This is an excellent opportunity to be part of a team based out of Gurgaon and to work with colleagues across multiple regions globally.

Role Description:

We are seeking a motivated and detail-oriented Application Penetration Tester with approximately 1-2 year of experience to join our growing security team. The ideal candidate will possess a strong understanding of web application vulnerabilities, penetration testing methodologies, and security best practices. You will be responsible for conducting thorough security assessments of our applications, identifying vulnerabilities, and providing actionable recommendations for remediation.

Responsibilities:

• Conduct comprehensive penetration testing of web applications, mobile applications, and APIs using industry-standard methodologies (e.g., OWASP, PTES).

• Identify and exploit vulnerabilities, including but not limited to SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and authentication/authorization flaws.  

• Perform vulnerability assessments.

• Document and report findings in a clear and concise manner, including detailed steps for remediation.

• Collaborate with development teams to ensure vulnerabilities are addressed effectively.

• Stay up-to-date with the latest security threats, vulnerabilities, and penetration testing techniques.

• Utilize penetration testing tools such as Burp Suite, OWASP ZAP, and Metasploit.

• Contribute to the development and maintenance of security testing procedures and documentation.

• Perform code reviews for security vulnerabilities.

Required Skills and Qualifications:

• 1-2 years of experience in application penetration testing.

• Strong understanding of web application vulnerabilities and security principles.

• Familiarity with common penetration testing tools and techniques.

• Knowledge of OWASP Top 10 and other relevant security standards.

• Ability to analyze and interpret vulnerability scan results.

• Excellent written and verbal communication skills.

• Strong problem-solving and analytical skills.

• Understanding of network protocols (TCP/IP, HTTP, etc.).

• Basic knowledge of cloud security.

Preferred Certifications:

• CompTIA PenTest+, Certified Ethical Hacker (CEH), Offensive Security Web Application Exploitation (OSWE) or any other relevant security certifications.

Education:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

The Location: Gurgaon, India

About Company Statement: 

OSTTRA is a market leader in derivatives post-trade processing, bringing innovation, expertise, processes and networks together to solve the post-trade challenges of global financial markets.  OSTTRA operates cross-asset post-trade processing networks, providing a proven suite of Credit Risk, Trade Workflow and Optimisation services. Together these solutions streamline post-trade workflows, enabling firms to connect to counterparties and utilities, manage credit risk, reduce operational risk and optimise processing to drive post-trade efficiencies.  

 
OSTTRA was formed in 2021 through the combination of four businesses that have been at the heart of post trade evolution and innovation for the last 20+ years:  MarkitServ, Traiana, TriOptima and Reset.  These businesses have an exemplary track record of developing and supporting critical market infrastructure and bring together an established community of market participants comprising all trading relationships and paradigms, connected using powerful integration and transformation capabilities.

About OSTTRA

Candidates should note that OSTTRA is an independent firm, jointly owned by S&P Global and CME Group.  As part of the joint venture, S&P Global provides recruitment services to OSTTRA - however, successful candidates will be interviewed and directly employed by OSTTRA, joining our global team of more than 1,200 post trade experts.

OSTTRA was formed in 2021 through the combination of four businesses that have been at the heart of post trade evolution and innovation for the last 20+ years:  MarkitServ, Traiana, TriOptima and Reset.  OSTTRA is a joint venture, owned 50/50 by S&P Global and CME Group.

 With an outstanding track record of developing and supporting critical market infrastructure, our combined network connects thousands of market participants to streamline end to end workflows - from trade capture at the point of execution, through portfolio optimization, to clearing and settlement.

Joining the OSTTRA team is a unique opportunity to help build a bold new business with an outstanding heritage in financial technology, playing a central role in supporting global financial markets. 

Learn more at www.osttra.com.

What’s In It For You?

Benefits:

We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global.

Our benefits include: 

• Health & Wellness: Health care coverage designed for the mind and body.

• Flexible Downtime: Generous time off helps keep you energized for your time on.

• Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.

• Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.

• Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.

• Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.

For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries

-----------------------------------------------------------

Equal Opportunity Employer

S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law.  Only electronic job submissions will be considered for employment.  

 

If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.  
 
US Candidates Only:  The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.  Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf

-----------------------------------------------------------

20 - Professional (EEO-2 Job Categories-United States of America), BSMGMT203 - Entry Professional (EEO Job Group)