Senior Security Engineer II at S&P Global

Cambridge, Massachusetts, United States

Apply Now

$160,000 – $190,000Compensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Financial Services, Artificial Intelligence, TechnologyIndustries

Requirements

Five or more years of experience as a security engineer
Experience securing modern web applications and distributed data infrastructure in a cross-team setting
Prior experience working with enterprise security technologies such as WAF, CSPM, OAuth2, and SIEM
Strong understanding of cryptography and current best practices
Experience with penetration testing tools, techniques and methodologies and understanding of common vulnerabilities and remediation strategies
Three or more years experience writing code in Python, Javascript, Java, or Go
Experience conducting or facilitating IT security audits
Familiarity with security models for cloud providers

Responsibilities

Implement security frameworks to ensure Kensho maintains a security envelope aligned with S&P Global standards
Develop and update security plans: Planning and managing security projects and initiatives
Demonstrate excellent surveillance and emergency response skills
Identify and mitigate security vulnerabilities: Perform static and dynamic vulnerability assessments and incorporate tools in the SDLC using commercial and open source tools
Implement de-escalation techniques: Prioritizing training in de-escalation techniques to effectively deal with conflicts
Maintain a GenAI security posture: Help establish and enable a GenAI security posture at an enterprise scale and have complete oversight of the AI Accelerator Security program
Conduct risk assessment and management: Spotting risky behaviors and configurations in critical infrastructure components to stop network intrusions and preempt cyberattacks
Audit policies and controls continuously: Driving the cybersecurity process forward by regularly auditing the policies and controls in place
Build a vulnerability management program: Ensuring that people in the organization continuously check for known vulnerabilities and take appropriate steps to remediate them
Design and implement security controls and processes across Kensho and provide monitoring to ensure compliance
Analyze and recommend security practices and tools for engineering teams to incorporate into the software development lifecycle
Execute security architecture reviews for e2e application frameworks
Perform Cloud Security Posture Management (CSPM), working with Infrastructure teams to continuously improve
Support SIEM integration for the security stack

Skills

Key technologies and capabilities for this role

Security FrameworksVulnerability AssessmentStatic AnalysisDynamic AnalysisIncident ResponseNetwork SecurityEmergency ResponseSecurity Planning

Questions & Answers

Common questions about this position

What is the salary range for the Senior Security Engineer II position?

The anticipated base salary range is 160k-190k. This role is also eligible for an annual incentive bonus and equity plans.

Is this a remote or hybrid role, and what are the location requirements?

This is a hybrid role requiring a minimum of two days a week on-site at one of our Kensho hubs in Cambridge, MA or NYC, with additional on-site participation in team meetings or company events as required.

What key skills are required for this Senior Security Engineer role?

Key skills include implementing security frameworks, performing static and dynamic vulnerability assessments, risk assessment and management, emergency response, and maintaining a GenAI security posture.

What is the company culture like at Kensho?

Kensho values thoughtful, collaborative technologists who work closely with Infrastructure and product teams, emphasizing in-person collaboration.

What makes a strong candidate for this security engineer position?

Strong candidates demonstrate experience in security frameworks, vulnerability management, risk assessment, emergency response, and GenAI security, with a collaborative approach to working with teams.

S&P Global

Provides financial information and analytics services

About S&P Global

S&P Global provides financial information and analytics to a wide range of clients, including investors, corporations, and governments. The company offers services such as credit ratings, market intelligence, and indices, which help clients understand and navigate the global financial market. S&P Global's products work by utilizing advanced data analytics and research to deliver insights that assist clients in making informed decisions and managing risks. Unlike many competitors, S&P Global has a diverse range of divisions, including S&P Global Ratings and S&P Dow Jones Indices, which allows it to cater to various financial needs. The company's goal is to support clients in driving growth while also committing to corporate responsibility and positive societal impact.

New York City, New YorkHeadquarters

1917Year Founded

IPOCompany Stage

Data & Analytics, Financial ServicesIndustries

10,001+Employees

Benefits

Health Insurance

Unlimited Paid Time Off

Professional Development Budget

401(k) Company Match

Family Planning Benefits

Employee Discounts

Risks

Integration challenges with new acquisitions like ProntoNLP may cause operational issues.

Increased competition from AI-driven platforms like Brooklyn Investment Group.

Dependence on volatile credit ratings market could impact revenue stability.

Differentiation

S&P Global integrates advanced AI tools for superior financial analytics capabilities.

The company offers comprehensive ESG solutions, meeting growing sustainability demands.

S&P Global's diverse divisions provide a wide range of financial services globally.

Upsides

Acquisition of ProntoNLP boosts data analytics and sentiment scoring capabilities.

Rising demand for ESG data enhances S&P Global's market position.

Expansion into India strengthens S&P Global's research and insights offerings.

Land your dream remote job 3x faster with AI

Try Jobo Free