About the Role:

OSTTRA India

The Role: Assistant Manager Information Security

The Team: The OSTTRA Technology teamis composed of Capital Markets Technology professionals who buildsupportand protect the applications that operate our network. The technology landscapeincludeshighperformance highvolume applications as well as compute intensive applicationsleveragingcontemporary microservices cloudbased architectures.

The Impact: Together we build support protect and manage highperformance resilient platforms that process more than 100 million messages a day. Our services are vital to automated trade processing around the globe managing peak volumes and working with our customers and regulators to ensure the efficient settlement of trades and effective operation of global capital markets.

Whats in it for you:

We are seeking a highly motivated and experienced Information Security person to join our growing security team. In this role you will be responsible for managing and optimizing our Data Loss Prevention (DLP) solutions ensuring compliance with relevant security standards i.e. ISO 27001 NIST and implementing and maintaining robust Identity and Access Management (IAM) and Privileged Access Management (PAM). You will play a crucial role in protecting our sensitive data and ensuring the security posture of our organization.

This is an excellent opportunity to be part of a team based out of Gurgaon and to work with colleagues across multiple regions globally.

Responsibilities:

Data Loss Prevention (DLP) Management:

• Implement Manage and optimize DLP tools policies to prevent data leaks and ensure data protection.

• Develop and maintain DLP policies and procedures.

• Regularly update and finetune DLP rules to adapt to evolving data protection needs.

• Monitor and analyse DLP alerts and incidents and perform incident response.

• Provide training and guidance to users on DLP best practices.

• Implement realtime monitoring and logging for data movement and access patterns.

• Generate detailed reports on data loss attempts policy breaches and user behavior anomalies.

• Evaluate and recommend improvements to existing DLP solutions.

• Develop playbooks for quick response to DLPrelated threats and incidents.

• Perform regular data flow assessments to identify unprotected data paths

Identity and Access Management (IAM) and Privileged Access Management (PAM):

• Manage requirements around IAM and PAM security including user provisioning access control and privileged access management.

• Develop and enforce IAM and PAM policies and procedures.

• Conduct regular access reviews and audits.

• Generate compliance reports for internal and external audits (e.g. SOX GDPR PCIDSS).

• Troubleshoot IAM and PAM issues together with the respective Infrastructure teams.

• Integrate IAM/PAM systems with other security and business applications.

• Regularly evaluate IAM/PAM solutions to keep pace with emerging threats and technologies.

Information Security Compliance:

• Ensure compliance with relevant security standards and regulations including ISO 27001 NIST Standard

• Conduct internal security audits and assessments.

• Develop and maintain security documentation and procedures.

• Assist with external security audits and assessments.

• Stay up to date on the latest security threats and vulnerabilities.

Other Duties:

• Provide security consulting and support to other teams.

• Knowledge on Application Pen testing would be an added advantage

• Evaluate and recommend new security technologies and solutions.

• Participate in security awareness training and initiatives.

• Understanding on Technology & Security Risk Management and Vendor Risk Management Framework

What Were Looking For:

Qualifications:

• 7 to 8 years experience working in IT Security & GRC in multiple capacities.

• Bachelors in IT Computer Science Cyber Security or equivalent experience required.

• Proven experience with DLP tools and technologies (e.g. Symantec DLP Forcepoint DLP Microsoft Information Protection Zscaler etc. and certification on these tools would be added advantage

• Strong understanding of IAM and PAM concepts tools and technologies and certification on these tools would be added advantage

• Indepth knowledge of ISO 27001 and other relevant security standards and regulations.

• Certification like ISO 27001 CISA CRISC CISM etc. would be an added advantage.

Competencies:

• The ability to multitask act under pressure and quickly identify and deal with priority matters under tight deadlines. Attention to detail is essential.

• The ability to handle multiple inquiries at any one time often under considerable deadline pressure.

• The ability to work both independently and as part of a team.

Desired Skills:

• Excellent written and spoken English.

• Detail oriented with excellent research analytical and critical thinking skills.

• Strong documentation oral and written communications and interpersonal skills.

The Location: Gurgaon India

About Company Statement:

OSTTRAis a market leader inderivatives posttrade processing bringing innovation expertise processes and networks together to solve the posttrade challenges of global financial markets. OSTTRA operates crossasset posttrade processing networksprovidinga proven suite of Credit Risk Trade Workflow and Optimisation these solutions streamline posttrade workflows enabling firms to connect to counterparties and utilities manage credit risk reduce operationalrisk andoptimiseprocessingtodrive posttrade efficiencies.

OSTTRA was formed in 2021 through the combination of four businesses that have been at the heart of post trade evolution and innovation for the last 20 years: MarkitServ Traiana TriOptima and Reset. These businesses have an exemplary track record of developing and supporting critical market infrastructure and bring together an established community of market participants comprisingall trading relationships and paradigms connectedusingpowerful integration and transformation capabilities.

About OSTTRA

Candidates should note that OSTTRAis an independentfirm jointly owned by S&P Global and CME Group. As part of the joint venture S&P Global providesrecruitmentservices to OSTTRA however successful candidates will be interviewed and directly employed by OSTTRA joiningour global team of more than 1200 posttrade experts.

OSTTRA was formed in 2021 through the combination of four businesses that have been at the heart of post trade evolution and innovation for the last 20 years: MarkitServ Traiana TriOptima and Reset. OSTTRA is a joint venture owned 50/50 by S&P Global and CME Group.

With an outstanding track record of developing and supporting critical market infrastructure our combined network connects thousands of market participants to streamline end to end workflows from trade capture at the point of through portfolio optimization to clearing and settlement.

Joining the OSTTRA team is a unique opportunity to help build a bold new business with an outstanding heritage in financial technology playing a central role in supporting global financial markets.

Learn more at.

Whats In It For You

Benefits:

We take care of you so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global.

Our benefits include:

• Health & Wellness: Health care coverage designed for the mind and body.

• Flexible Downtime: Generous time off helps keep you energized for your time on.

• Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.

• Invest in Your Future: Secure your financial future through competitive pay retirement planning a continuing education program with a companymatched student loan contribution and financial wellness programs.

• Family Friendly Perks: Its not just about you. S&P Global has perks for your partners and little ones too with some bestin class benefits for families.

• Beyond the Basics: From retail discounts to referral incentive awardssmall perks can make a big difference.

For more information on benefits by country visit: https://spgbenefits/benefitsummaries