S&P Global - Johnston, RI

posted 19 days ago

Full-time - Senior
Johnston, RI
10,001+ employees
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

About the position

The Senior Security Engineer role at S&P Global Ratings is a Director-level individual contributor position focused on enhancing security architecture and engineering practices across technology platforms. The role involves collaboration with various teams to identify and mitigate security risks, develop security strategies, and implement best practices in application security, particularly in GenAI applications. The successful candidate will drive the Secure SDLC roadmap, mentor development teams, and ensure the delivery of secure applications.

Responsibilities

  • Develop, implement and maintain Application security and GenAI security strategy
  • Provide architectural guidance on best practices regarding security in software development
  • Drive and guide the specification and realization of a security architecture
  • Perform threat modeling, secure code reviews, and secure design reviews for high-risk applications
  • Perform vulnerability research and serve as a technical security/risk advisor
  • Determine testing requirements and develop strategies to automate security testing
  • Assist developers in remediating vulnerability findings
  • Coach development teams on security disciplines and provide training on software security best practices
  • Maintain knowledge of current and emerging technologies related to security architectural solutions
  • Develop repeatable application security patterns
  • Consult and assist with security incident response process
  • Consult on Application Penetration tests to identify and mitigate security gaps
  • Guide development and SRE teams in building secure Cloud Native applications

Requirements

  • Bachelor's degree in Computer Science or related field
  • 12 or more years of progressive related experience in Security engineering roles
  • Demonstrated subject matter expertise in Application Security, Web services security, GenAI/LLM security
  • Programming expertise in Java and Python
  • Experience with threat modeling, design reviews, risk analysis and control design
  • Experience architecting and leading security for Cloud native applications
  • In-depth knowledge of network security, authentication and authorization
  • Advanced understanding of vulnerability exploitation chaining and remediation
  • Demonstrated expertise in product/application security architecture
  • Security audit, Vulnerability assessment and packet analysis skills
  • TCP/IP stack knowledge and Encryption expertise
  • Identity & Access Management knowledge

Nice-to-haves

  • Experience with AI technologies and services
  • Expertise in the security of Gen AI models
  • Experience with automation tools associated with DevOps and CI/CD pipelines
  • Familiarity with SAST/DAST/SCA tools
  • Database knowledge including Postgres, Oracle, Databricks, Snowflake
  • Familiarity with Secure SDLC frameworks
  • Security Forensic analysis skills

Benefits

  • Health care coverage
  • Generous time off
  • Access to resources for career growth
  • Competitive pay and retirement planning
  • Family-friendly perks
  • Retail discounts and referral incentive awards
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service