Senior Lead Application Security Engineer
2 weeks ago
The S&P Global Ratings Security team is seeking a Senior Lead Application Security Engineer to join our team. As a key member of our security team, you will be responsible for developing and implementing security architecture and engineering best practices across our technology platforms.
Responsibilities and Impact:- Develop, implement, and maintain Application security and GenAI security strategy
- Provide architectural guidance on best practices regarding security in software development, shared services, user interface design frameworks, high-performance messaging solutions, server-side development, integrations, tools, and technologies
- Drive and guide the specification and realization of a security architecture, with decisions driven by balancing security risks faced by the business along with customer or market requirements
- Perform threat modeling, secure code reviews, and secure design reviews for high-risk applications, evaluate new technology stacks and frameworks
- Perform vulnerability research, serve as technical security/risk advisor for new technology/applications developed by S&P Global
- Determine testing requirements and develop strategies to automate security testing using a variety of scripting and open-source tools
- Assist developers in remediating vulnerability findings by providing line-by-line guidance
- Coach development teams on security disciplines like Threat modeling, Security code reviews, provide training and education to developers on software security best practices
- Maintain knowledge of current and emerging technologies/products/trends related to security architectural solutions
- Develop repeatable application security patterns to ensure that systems are placed within the relevant security zones based on the data they house and their purpose
- Consult and assist with security incident response process
- Consult on efforts to work with internal and external teams to effectively scope and drive Application Penetration tests that help identify and mitigate gaps in security controls
- Guide development and SRE teams in building secure Cloud Native applications by incorporating Cloud and Microservices Security best practices and industry standards
- Bachelor's degree in Computer Science, related field, or relevant work experience
- 12 or more years of progressive related experience in Security engineering roles
- Demonstrated subject matter expertise in Application Security, Web services security, GenAI/LLM security
- Programming expertise – Java, Python, Agile SDLC processes
- Experience with threat modeling, design reviews, risk analysis, and control design
- Experience architecting and leading security for Cloud native applications
- In-depth knowledge of network security, authentication, and authorization
- Advanced understanding of vulnerability exploitation chaining, and vulnerability remediation
- Demonstrated expertise in product/application security architecture – Service-oriented architecture (SOA), Network security, application security, web services, Angular, JavaScript
- Security audit, Vulnerability assessment, and packet analysis skills
- TCP/IP stack knowledge, Encryption expertise, TLS, DTLS, ECC, PKI/Certificates
- Identity & Access Management: AD/LDAP
- Experience with AI technologies and services (e.g., OpenAI, Bedrock, etc.)
- Expertise in the security of Gen AI models, including multi-modal models
- Experience with the security of automation built around Gen AI inputs and outputs
- Knowledge with AWS cloud architecture and virtualization technologies such as Containers, EKS, Kubernetes, and VMware
- Experience in defining and documenting security reference architectures and standards
- Experience with automation tools associated with DevOps and CI/CD pipelines, and with security integration into CI/CD
- Familiarity with SAST/DAST/SCA tools like Fortify, Whitesource
- Database, datalake knowledge – Postgres, Oracle, Databricks, Snowflake
- Familiarity with Secure SDLC frameworks such as NIST SSDF, OpenSAMM, BSIMM
- Security Forensic analysis skills
S&P Global is the world's foremost provider of credit ratings, benchmarks, analytics, and workflow solutions in the global capital, commodity, and automotive markets. With every one of our offerings, we help many of the world's leading organizations navigate the economic landscape so they can plan for tomorrow, today.
Benefits:We take care of you, so you can take care of business. We care about our people. That's why we provide everything you—and your career—need to thrive at S&P Global.
Our benefits include:
- Health & Wellness: Health care coverage designed for the mind and body.
- Flexible Downtime: Generous time off helps keep you energized for your time on.
- Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
- Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.
- Family Friendly Perks: It's not just about you. S&P Global has perks for your partners and little ones, too, with some best-in-class benefits for families.
- Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.
For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries
Diversity, Equity, and Inclusion at S&P Global:At S&P Global, we believe diversity fuels creative insights, equity unlocks opportunity, and inclusion drives growth and innovation – Powering Global Markets. Our commitment centers on our global workforce, ensuring that our people are empowered to bring their whole selves to work. It doesn't stop there, we strive to better reflect and serve the communities in which we live and work, and advocate for greater opportunity for all.
-
Senior Lead Application Security Engineer
2 weeks ago
Victoria, British Columbia, Canada S&P Global Full timeAbout the RoleS&P Global is seeking a highly skilled Senior Lead Application Security Engineer to join our team. As a key member of our Security team, you will be responsible for developing and implementing security architecture and engineering best practices across our technology platforms.Responsibilities and ImpactDevelop and implement application...
-
**Senior Application Security Engineer**
2 months ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeAbout the RoleWe are seeking an experienced Senior Application Security Engineer to join our team at Integro Softwares Inc. As a key member of our security team, you will play a critical role in identifying and mitigating product security risks, ensuring the integrity and confidentiality of our applications and data.Key ResponsibilitiesImplement and Operate...
-
**Senior Application Security Engineer**
2 months ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeAbout the RoleWe are seeking an experienced Senior Application Security Engineer to join our team at Integro Softwares Inc. As a key member of our security team, you will play a critical role in identifying and mitigating product security risks, ensuring the integrity and confidentiality of our applications and data.Key ResponsibilitiesImplement and Operate...
-
Senior Application Security Specialist
1 month ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security EngineerJob Summary:We are seeking an experienced Senior Application Security Engineer to join our team at Integro Softwares Inc. The successful candidate will be responsible for identifying and mitigating security risks in our applications, ensuring the highest level of security and compliance with industry...
-
Senior Application Security Specialist
1 month ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security EngineerJob Summary:We are seeking an experienced Senior Application Security Engineer to join our team at Integro Softwares Inc. The successful candidate will be responsible for identifying and mitigating security risks in our applications, ensuring the highest level of security and compliance with industry...
-
Senior Application Security Specialist
5 days ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security SpecialistJob Summary:We are seeking a highly skilled Senior Application Security Specialist to join our team at Integro Softwares Inc. The ideal candidate will have a deep understanding of application security vulnerabilities and mitigation strategies, as well as experience in leading application security functions in...
-
Senior Application Security Specialist
2 weeks ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security SpecialistWe are seeking an experienced Senior Application Security Specialist to join our team at Integro Softwares Inc. The ideal candidate will have a deep understanding of application security vulnerabilities and mitigation strategies.The successful candidate will be responsible for driving the creation and...
-
Senior Application Security Specialist
1 week ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security SpecialistJob Summary:We are seeking a highly skilled Senior Application Security Specialist to join our team at Integro Softwares Inc. As a key member of our security team, you will be responsible for identifying and mitigating application security risks, ensuring the integrity and confidentiality of our systems and...
-
Senior Application Security Specialist
4 weeks ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security EngineerWe are seeking an experienced Senior Application Security Engineer to join our team at Integro Softwares Inc. The ideal candidate will have a deep understanding of application security vulnerabilities and mitigation strategies, as well as experience in leading application security functions in a fast-paced,...
-
Senior Application Security Specialist
4 weeks ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security EngineerWe are seeking an experienced Senior Application Security Engineer to join our team at Integro Softwares Inc. The ideal candidate will have a deep understanding of application security vulnerabilities and mitigation strategies, as well as experience in leading application security functions in a fast-paced,...
-
Senior Application Security Specialist
1 week ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security SpecialistJob Summary:We are seeking a highly skilled Senior Application Security Specialist to join our team at Integro Softwares Inc. As a key member of our security team, you will be responsible for identifying and mitigating application security risks, ensuring the development of secure software solutions, and...
-
Senior Application Security Specialist
2 months ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security SpecialistWe are seeking an experienced Senior Application Security Specialist to join our team at Integro Softwares Inc. The ideal candidate will have a deep understanding of application security vulnerabilities and mitigation strategies, as well as excellent communication and collaboration skills.Key...
-
Senior Application Security Specialist
2 months ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security SpecialistWe are seeking an experienced Senior Application Security Specialist to join our team at Integro Softwares Inc. The ideal candidate will have a deep understanding of application security vulnerabilities and mitigation strategies, as well as excellent communication and collaboration skills.Key...
-
Lead Application Security Architect
2 weeks ago
Victoria, British Columbia, Canada S&P Global Full timeJob Title: Lead Application Security EngineerAt S&P Global, we are seeking a highly skilled Lead Application Security Engineer to join our team. As a key member of our Security team, you will be responsible for developing and implementing security architecture and engineering best practices across our technology platforms.Key Responsibilities:Develop and...
-
Senior Application Security Specialist
1 month ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security EngineerJob Summary:We are seeking an experienced Senior Application Security Engineer to join our team at Integro Softwares Inc. The successful candidate will be responsible for identifying and mitigating security risks in our applications, ensuring the highest level of security and compliance with industry...
-
Senior Application Security Specialist
1 month ago
Victoria, British Columbia, Canada Integro Softwares Inc Full timeJob Title: Senior Application Security EngineerJob Summary:We are seeking an experienced Senior Application Security Engineer to join our team at Integro Softwares Inc. The successful candidate will be responsible for identifying and mitigating security risks in our applications, ensuring the highest level of security and compliance with industry...
-
Security Engineer
1 week ago
Victoria, British Columbia, Canada BCI Full timeAbout the RoleWe are seeking a highly skilled Security Engineer to join our team at BCI. As a key member of our Cyber Security Team, you will be responsible for developing security requirements and designing and implementing security solutions to protect our systems and data.Key ResponsibilitiesContribute to the development of security requirements and...
-
Security Engineering Manager
1 month ago
Victoria, British Columbia, Canada Canonical - Jobs Full timeAbout the RoleWe are seeking an exceptional Security Engineering Manager to join our team at Canonical. As a key member of our security leadership team, you will be responsible for leading and developing a team of engineers, ranging from graduate to senior, and driving the development of security features and capabilities for AppArmor, the security module...
-
Security Engineering Manager
1 month ago
Victoria, British Columbia, Canada Canonical - Jobs Full timeAbout the RoleWe are seeking an exceptional Security Engineering Manager to join our team at Canonical. As a key member of our security leadership team, you will be responsible for leading and developing a team of engineers, ranging from graduate to senior, and driving the development of security features and capabilities for AppArmor, the security module...
-
Security Engineering Manager
1 month ago
Victoria, British Columbia, Canada Canonical - Jobs Full timeAbout the RoleWe are seeking an exceptional Security Engineering Manager to join our team at Canonical. As a key member of our security leadership team, you will be responsible for leading and developing a team of engineers, ranging from graduate to senior, and driving the development of security features and capabilities for AppArmor, the security module...
