Lead, Information Security

S&P Global

Base: $107,433 to $237,100; bonus/equity: annual i...
Not specified
Ai and agentic ai security reviews
Cloud security implementation
Dynamic vulnerability assessments dast
S&P Global is seeking a Lead in Information Security to enhance their security practices, particularly focusing on application security and SecDevOps. The role involves developing scalable security programs, conducting vulnerability assessments, and fostering a culture of security awareness within product teams

Job Summary

  • The role focuses on building a scalable application security program while engaging closely with product teams to ensure security is integrated throughout the lifecycle.
  • Candidates must possess hands-on experience running AI security reviews, cloud security assessments, and various vulnerability testing methodologies including DAST, SAST, and SCA.
  • S&P Global offers competitive benefits including health coverage, generous time off, continuous learning resources, and financial wellness programs for its global workforce.

Matching Summary

Match Score: 85

S&P Global is seeking a Lead in Information Security to enhance their security practices, particularly focusing on application security and SecDevOps. The role involves developing scalable security programs, conducting vulnerability assessments, and fostering a culture of security awareness within product teams.

Salary

Base: $107,433 to $237,100; Bonus/Equity: Annual incentive plan eligible; Benefits: Health care, flexible downtime, retirement planning, student loan contribution

Skills & Requirements

Must-have

  • AI and Agentic AI security reviews
  • Cloud security implementation
  • Dynamic vulnerability assessments DAST
  • Static vulnerability assessments SAST
  • Software composition analysis SCA
  • Mobile vulnerability assessments MVA
  • Penetration testing execution

Nice-to-have

  • Strong communication skills
  • Cross-functional collaboration
  • Mentoring staff on security
  • Staying updated with latest tech

Key Requirements

  • 5-8 years of security engineering or application security experience
  • 3+ years of hands-on development experience
  • CISSP certification preferred
  • CSSLP certification preferred
  • AWS, GCP, or Azure security certificates preferred
  • US candidates only based on salary disclosure

Work Rights

Not specified

Tailored Resume

Cover Letter