Senior Lead III – Security Architect
| Company | S&P Global |
|---|---|
| Location | Boston, MA, USA, Nashville, TN, USA, Harrisburg, PA, USA, Austin, TX, USA, Raleigh, NC, USA, Richmond, VA, USA, Annapolis, MD, USA, Tallahassee, FL, USA, New York, NY, USA, Phoenix, AZ, USA, Denver, CO, USA, Columbia, SC, USA, Atlanta, GA, USA, Charleston, WV, USA, Montgomery, AL, USA |
| Salary | $130000 – $220000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior, Expert or higher |
Requirements
- Bachelor’s degree in Computer Science or related field, or relevant experience.
- 12+ years in Security engineering roles.
- Expertise in Application Security, Web services, and Network Security.
- Proficiency in Java, Python, and Agile SDLC.
- Experience with threat modeling, risk analysis, and controls.
- Experience leading security for Cloud-native applications.
- In-depth knowledge of network security and authentication.
- Advanced understanding of vulnerability exploitation and remediation.
- Expertise in security architecture, SOA, web services, and JavaScript.
- Skills in security audits, vulnerability assessments, and packet analysis.
- Knowledge of TCP/IP, encryption, TLS, and PKI/Certificates.
- Experience with Identity & Access Management.
Responsibilities
- Evaluate threats and identify vulnerabilities to prioritize data security risks.
- Develop and enforce data security policies for compliance with industry standards.
- Review access management controls for security gaps.
- Implement encryption techniques to protect sensitive data.
- Maintain Application and Cloud security strategies.
- Guide security best practices in software development, UI design, and technologies.
- Lead the creation of a security architecture, balancing business risks and customer needs.
- Perform threat modeling, secure code reviews, and design reviews for high-risk apps.
- Conduct vulnerability research and advise on new technologies.
- Automate security testing using scripting and open-source tools.
- Assist developers with vulnerability remediation.
- Coach teams on security practices like threat modeling and code reviews.
- Stay updated on emerging security technologies and trends.
- Develop repeatable security patterns based on data and system purpose.
- Consult on incident response processes and App Penetration tests.
- Guide teams in building secure Cloud Native applications with best practices.
Preferred Qualifications
- Experience securing Gen AI models.
- Experience with security automation.
- Knowledge of AWS, Containers, Kubernetes, and VMware.
- Experience defining security reference architectures and standards.
- Familiarity with automation tools for DevOps and CI/CD pipelines.
- Knowledge of SAST/DAST/SCA tools (e.g., Fortify, Whitesource).
- Experience with databases (Postgres, Oracle, Snowflake).
- Familiarity with Secure SDLC frameworks (e.g., NIST SSDF, OpenSAMM).
- Security Forensic analysis skills.