FREE ACCESS
5,000–10,000 jobs/day

See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Application & Cloud Security Lead
S&P GlobalApplication & Cloud Security Lead overseeing security architecture and cyber risk management initiatives. Collaborating across teams to protect applications and cloud environments in S&P Global's Energy Division.
Tech Stack
Tools & technologiesAWSAzureCloudCyber SecurityGoogle Cloud PlatformKubernetes
About the role
Key responsibilities & impact- Lead and coordinate application, cloud, and AI security initiatives across the S&P Global Energy Division in alignment with S&P Global's cyber risk management objectives.
- Conduct security architecture reviews for applications, APIs, cloud platforms, data flows, integrations, and AI-enabled solutions to identify risks and recommend secure design improvements.
- Partner with engineering, product, architecture, cloud, and business teams to embed security requirements into solution design, development, deployment, and operations.
- Enforce application security controls, including secure coding practices, vulnerability remediation, authentication, authorization, secrets management, dependency security, and software supply chain risk management.
- Oversee cloud security control implementation across public cloud environments, including identity and access management, network security, encryption, logging, monitoring, workload protection, and secure configuration.
- Review and assess AI and machine learning use cases for security risks, including data leakage, prompt injection, model exposure, access control, third-party AI risk, and misuse scenarios.
- Track, prioritize, and drive remediation of application, cloud, and AI security findings, exceptions, and risk acceptances in partnership with accountable technology owners.
- Support cyber risk assessments, compliance reviews, audit requests, and security reporting related to Energy Division applications, cloud services, and AI-enabled platforms.
- Develop and maintain metrics, dashboards, and executive-level reporting to communicate security posture, risk trends, remediation progress, and key security initiatives.
- Serve as a trusted security advisor and liaison between the Energy Division and Enterprise cybersecurity teams, promoting secure-by-design practices and consistent adoption of security standards.
Requirements
What you’ll need- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related field, or equivalent professional experience.
- 5-8+ years experience in cybersecurity, with a strong focus on application security, cloud security, security architecture, and/or technology risk management.
- Experience conducting security architecture reviews for applications, APIs, cloud platforms, data platforms, and enterprise technology solutions.
- Experience with DevSecOps, CI/CD security, container security, Kubernetes security, infrastructure-as-code scanning, secrets management, and software supply chain security.
- Experience with cloud security tools such as CSPM, CWPP, CNAPP, SIEM, vulnerability management platforms, container scanners, and identity governance tools.
- Familiar with AI security concepts such as prompt injection, model access control, sensitive data exposure, model monitoring, adversarial testing, AI red teaming, and third-party AI risk.
- Experience working with public cloud environments such as AWS, Azure, or Google Cloud Platform.
- Experience partnering with cross-functional stakeholders including technology, product, risk, compliance, privacy, legal, and business teams.
- Strong written and verbal communication skills, with the ability to explain technical security risks to both technical and non-technical audiences.
- Ability to prioritise risks, influence remediation, and drive outcomes in a complex enterprise environment.
- Relevant certifications such as CISSP, SABSA, CCSK, Cloud Vendor Certifications (e.g. AWS Certified Security — Specialty, AWS Certified Solution Architect, Google Professional Cloud Security Engineer) or equivalent credentials.
Benefits
Comp & perks- Health & Wellness: Health care coverage designed for the mind and body.
- Flexible Downtime: Generous time off helps keep you energized for your time on.
- Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
- Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.
- Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in-class benefits for families.
- Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Security Architecture ReviewsVulnerability RemediationSecure Coding PracticesIdentity and Access ManagementContainer SecurityInfrastructure-as-Code ScanningAI Security ConceptsPublic Cloud EnvironmentsRisk AssessmentCompliance Reviews
Soft Skills
Strong Communication SkillsInfluencing RemediationPrioritizing Risks
Certifications
CISSPSABSACCSKAWS Certified Security — SpecialtyGoogle Professional Cloud Security Engineer