Lead Penetration Test and Incident Response Engineer

February 21

🌵 Arizona – Remote

Although this job is listed in Arizona, this company may be open to hiring remote in other states.

+2 more states

🌵 Arizona – Remote 🏖️ New Jersey – Remote ⚔️ Virginia – Remote

💵 $130k - $230k / year

⏰ Full Time

🟠 Senior

👮‍♂️ Security Engineer

Apply Now

Receive Emails with Similar Jobs

S&P Global

WebsiteLinkedInAll Job Openings

S&P Global is a leading provider of data, analytics, and insights for critical business decisions, offering a wide range of services including market intelligence, ratings, commodity insights, and indices like the S&P Dow Jones Indices. The company focuses on several key areas such as sustainability, private markets, energy transition, and artificial intelligence. It provides tools and platforms like S&P Capital IQ Pro and Ratings360, as well as ESG scores and indices that guide investment decisions. S&P Global’s offerings are integral to sectors such as finance, investment, and corporate governance, aiming to enhance transparency and efficiency in the global economy.

Analytics • Credit ratings • Finance • Energy & commodities information • Intelligence

10,000+ employees

Founded 1888

💸 Finance

⚡ Energy

📋 Description

• The S&P Ratings Security team focuses on protecting clients from modern-day security threats. • Seeking a lead security engineer with expertise in penetration testing, incident response, and forensics. • Conduct penetration tests, vulnerability scanning, threat assessments, attack simulations, and red/purple team assessments. • Support Cyber Incident Response Plan, assist in incident detection, containment, and analysis. • Lead attack simulations, research new attack vectors, and design threat assessments based on intelligence feeds and external analysis. • Present findings and remediation steps to both technical and non-technical stakeholders.

🎯 Requirements

• Bachelor’s degree or equivalent experience in computer science, Information Systems, or related field. • 8+ years in security engineering, focusing on penetration testing, vulnerability assessments, and incident response. • Proficiency with penetration testing tools (e.g., Burp Suite, Nessus, Metasploit, Nmap). • Expertise in identifying and exploiting web app and infrastructure vulnerabilities (CVE, CVSS, CWE). • Familiarity with secure software development lifecycle and secure coding. • Strong scripting skills in Python, GoLang, PowerShell, or JavaScript. • Experience with Java application technologies and security practices. • Experience in Security Assessments: DAST, SAST, SCA, and CI/CD security testing tools.

🏖️ Benefits

• Health & Wellness: Health care coverage designed for the mind and body. • Flexible Downtime: Generous time off helps keep you energized for your time on. • Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. • Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. • Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. • Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.