S&P Global - Colorado Springs, CO
posted 2 months ago
The S&P Ratings Security team is dedicated to protecting clients and users from modern security threats. The mission of this team is to safeguard systems and data by developing innovative solutions to address significant security challenges. We are seeking a Senior Application Security Engineer/Director who will be responsible for the development and implementation of security architecture and engineering best practices across S&P Ratings technology platforms. This role will provide security engineering and architecture consultation to enhance security in S&P Ratings Applications and Services, including Generative AI applications. As a Director-level individual contributor, this position will collaborate with Security, software development, Data science/LLM, QA, and Operations teams to identify technical risks at both component and system levels. The successful candidate will evaluate critical failure points, determine technical security controls to mitigate risks, prioritize and schedule these controls in alignment with application development timelines, and work with cross-functional teams to implement necessary remediations. The role will drive the Secure SDLC roadmap, GenAI security strategy, and Cloud security architecture. It will also assist in maturing the security engineering program, develop security tooling, mentor team members, and partner closely with development teams to deliver innovative and secure applications. Key responsibilities include developing and maintaining application security and GenAI security strategies, providing architectural guidance on security best practices, performing threat modeling, secure code reviews, and vulnerability research, and coaching development teams on security disciplines.