S&P Global
posted 4 months ago
The Director of Application Security Engineering at S&P Global Ratings is a pivotal role focused on safeguarding the organization’s technology platforms against modern security threats. This position is responsible for leading a team of security engineers and analysts to develop and implement security architecture and engineering best practices across S&P Ratings applications and services, including those utilizing Generative AI (GenAI). The mission of the S&P Ratings Security team is to protect clients and users by creating innovative solutions to address significant security challenges. In this senior-level position, the director will collaborate with software development, QA, SRE, and operations teams to identify technical risks at both the component and system levels. The role involves evaluating critical failure points, determining necessary technical security controls, and prioritizing these controls in alignment with application development timelines. The director will also be responsible for driving the Secure Software Development Life Cycle (SDLC) roadmap and enhancing the security engineering program. This includes developing security tooling, mentoring team members, and partnering with software, SRE, and QA teams to deliver secure applications. The successful candidate will provide technical leadership and manage a team that offers architectural guidance on security best practices across various domains, including software development, shared services, and user interface design. The director will also be tasked with developing, implementing, and maintaining application security and GenAI security strategies, performing threat modeling, secure code reviews, and vulnerability research, and serving as a technical advisor for new technologies and applications developed by S&P Ratings. Additionally, the role includes consulting on security incident response processes and guiding teams in building secure cloud-native applications by incorporating industry best practices.