S&P Global

Lead Penetration Test Engineer

Lead Penetration Test Engineer at S&P Global focusing on penetration testing and vulnerability assessments. Collaborating to ensure security across diverse environments while communicating findings effectively.

Posted 5/28/2026 • full-time • Princeton • Colorado, New Jersey, Texas • 🇺🇸 United States • Senior • 💰 $135,000 - $200,000 per year

Tech Stack

Tools & technologies
Cloud, Go, JavaScript, Python, SQL

About the role

Key responsibilities & impact
  • Conduct comprehensive penetration testing of web applications, infrastructure, and cloud environments using both manual and automated techniques.
  • Develop custom scripts, tools, and methodologies to enhance penetration testing capabilities and automate security testing within CI/CD pipelines.
  • Apply cloud‑specific offensive techniques, including IAM abuse, container and serverless exploitation, and cloud misconfiguration testing.
  • Collaborate with engineering and development teams to analyze vulnerabilities, develop remediation plans, and strengthen application security across development and production lifecycles.
  • Perform detailed security assessments using DAST, SAST, and SCA tools to ensure continuous validation and improvement of security controls.
  • Lead and participate in attack simulations and tabletop exercises to validate security controls and improve organizational response capabilities.
  • Research emerging threats, attack vectors, and adversarial techniques to inform offensive and defensive strategies.
  • Partner with internal teams to design and execute threat assessments based on intelligence feeds and threat actor analysis.
  • Communicate and present penetration testing and security assessment findings to both technical and non‑technical stakeholders.
  • Provide actionable remediation guidance and risk mitigation strategies to strengthen the organization’s overall security posture.

Requirements

What you’ll need
  • Bachelor’s degree in Computer Science, Information Systems, or a related field, or equivalent experience.
  • Minimum 8 years of experience in information security with a strong focus on penetration testing, application security, and vulnerability management.
  • Hands-on experience with penetration testing tools (e.g., Burp Suite, Nessus, Metasploit, Nmap) and methodologies (e.g., OWASP Top 10, MITRE ATT&CK, PTES).
  • Expertise in identifying and exploiting common infrastructure and web application vulnerabilities (e.g., XSS, SQL Injection, IDOR).
  • Familiarity with vulnerability classification and scoring frameworks (CVE, CVSS, CWE).
  • Strong scripting or programming skills (e.g., Bash, Python, Go, PowerShell, JavaScript).
  • Experience performing security assessments (DAST, SAST, SCA, credential scanning) and integrating security testing into CI/CD pipelines.
  • Ability to translate complex technical findings into clear, actionable reports and confidently brief cross‑functional teams and executives.
  • At least one recognized offensive security certification (OSCP, OSCE3, OSEP, GXPN, GPEN, or CREST CRT/CCT).

Benefits

Comp & perks
  • Health & Wellness: Health care coverage designed for the mind and body.
  • Flexible Downtime: Generous time off helps keep you energized for your time on.
  • Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
  • Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.
  • Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in-class benefits for families.
  • Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
penetration testing, application security, vulnerability management, scripting, programming, security assessments, cloud security, vulnerability exploitation, security testing methodologies, risk mitigation
Soft Skills
communication, collaboration, analytical thinking, problem-solving, reporting, leadership, presentation skills, cross-functional teamwork, strategic thinking, adaptability
Certifications
OSCP, OSCE3, OSEP, GXPN, GPEN, CREST CRT, CREST CCT