S&P Global - Peoria, IL

posted 19 days ago

Full-time - Senior
Peoria, IL
10,001+ employees
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

About the position

The Senior Security Engineer at S&P Ratings is a Director-level individual contributor responsible for developing and implementing security architecture and engineering best practices across S&P Ratings technology platforms. This role focuses on safeguarding systems and data by providing security engineering and architecture consultation, particularly in the context of GenAI applications. The engineer will collaborate with various teams to identify technical risks, implement security controls, and enhance the security posture of applications and services.

Responsibilities

  • Develop, implement and maintain Application security and GenAI security strategy.
  • Provide architectural guidance on best practices regarding security in software development and related technologies.
  • Drive and guide the specification and realization of a security architecture, balancing security risks with business requirements.
  • Perform threat modeling, secure code reviews, and secure design reviews for high-risk applications.
  • Conduct vulnerability research and serve as a technical security/risk advisor for new technology/applications.
  • Determine testing requirements and develop strategies to automate security testing using various tools.
  • Assist developers in remediating vulnerability findings with detailed guidance.
  • Coach development teams on security disciplines and provide training on software security best practices.
  • Maintain knowledge of current and emerging technologies related to security architectural solutions.
  • Develop repeatable application security patterns to ensure systems are placed within relevant security zones.
  • Consult on security incident response processes and application penetration tests to identify security gaps.
  • Guide teams in building secure Cloud Native applications incorporating best practices.

Requirements

  • Bachelor's degree in Computer Science or related field, or relevant work experience.
  • 12 or more years of progressive experience in Security engineering roles.
  • Demonstrated expertise in Application Security, Web services security, and GenAI/LLM security.
  • Programming expertise in Java and Python, with experience in Agile SDLC processes.
  • Experience with threat modeling, design reviews, risk analysis, and control design.
  • Experience architecting and leading security for Cloud native applications.
  • In-depth knowledge of network security, authentication, and authorization.
  • Advanced understanding of vulnerability exploitation chaining and remediation.
  • Expertise in product/application security architecture including SOA, Network security, and web services.
  • Skills in security audit, vulnerability assessment, and packet analysis.
  • Knowledge of TCP/IP stack, encryption, TLS, DTLS, ECC, and PKI/Certificates.
  • Experience with Identity & Access Management systems like AD/LDAP.

Nice-to-haves

  • Experience with AI technologies and services (e.g., OpenAI, Bedrock).
  • Expertise in the security of Gen AI models, including multi-modal models.
  • Experience with automation tools associated with DevOps and CI/CD pipelines.
  • Familiarity with SAST/DAST/SCA tools like Fortify and Whitesource.
  • Knowledge of AWS cloud architecture and virtualization technologies such as Containers, EKS, Kubernetes, and VMware.
  • Experience in defining and documenting security reference architectures and standards.
  • Database knowledge including Postgres, Oracle, Databricks, and Snowflake.
  • Familiarity with Secure SDLC frameworks such as NIST SSDF, OpenSAMM, and BSIMM.
  • Security forensic analysis skills.

Benefits

  • Health care coverage designed for the mind and body.
  • Generous time off to keep employees energized.
  • Access to resources for continuous learning and career growth.
  • Competitive pay and retirement planning options.
  • Family-friendly perks and benefits for partners and children.
  • Retail discounts and referral incentive awards.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service