Application Security Engineering

Description:

A successful candidate for this position will provide technical leadership, and manage a team that:
Provides architectural guidance on best practices regarding security in software development, shared services, user interface design frameworks, high performance messaging solutions, server-side development, integrations, tools and technologies
Drives and guides the specification and realization of a security architecture, with decisions driven by balancing security risks faced by the business along with customer or market requirements
Develop, implement and maintain Application security and GenAI security strategy
Perform threat modeling, secure code reviews, and secure design reviews for high risk applications, evaluate new technology stacks and frameworks
Perform vulnerability research, serve as technical security/risk advisor for new technology/applications developed by S&P Ratings
Determine testing requirements and develop strategies to automate security testing using a variety of scripting and open source tools
Assist developers in remediating vulnerability findings by providing line-by-line guidance
Coaches development teams on security disciplines like Threat modeling, Security code reviews, provide training and education to developers on software security best practices
Maintain knowledge of current and emerging technologies / products / trends related to security architectural solutions
Develops repeatable application security patterns to ensure that systems are placed within the relevant security zones based on the data they house and their purpose
Consults and assists with security incident response process
Consults on efforts to work with internal and external teams to effectively scope and drive Application Penetration tests that help identify and mitigate gaps in security controls
Guide development and SRE teams in building secure Cloud Native applications by incorporating Cloud and Microservices Security best practices and industry standards

Compensation/Benefits Information: (This section is only applicable to US candidates)

S&P Global states that the anticipated base salary range for this position is $125,000 to $220,000. Final base salary for this role will be based on the individual’s geographic location, as well as experience level, skill set, training, licenses and certifications.

In addition to base compensation, this role is eligible for an annual incentive plan.

This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, please click here .