- Salary
- $125k – $145k
- Location
- US - NY NYC - 55 WATER ST 40 HRS, United States of America
- Workplace
- Hybrid
- Type
- Full-time
- Department
- Engineering
- Seniority
- Lead
- Education
- Bachelor
- Source
- Workday
Description
About the Role:
Grade Level (for internal use):
11The Team:
Our Information Security team is a growing corporate enterprise function that operates cross-divisionally to enable business success through proactive security practices. We're transforming our approach from reactive response to proactive risk management, building technology-enabled environments that support innovation while maintaining a strong security posture. As a collaborative team, we partner across all divisions to ensure security becomes an enabler rather than a barrier to business objectives.
Responsibilities and Impact:
Lead enterprise-wide vulnerability management lifecycle across infrastructure, cloud, and application environments, providing strategic oversight and risk-based prioritization to protect critical business assets
Drive cross-functional collaboration with application teams, IT managers, and business stakeholders to ensure timely vulnerability remediation while balancing security requirements with business priorities
Develop comprehensive reporting and metrics programs using multiple data sources to provide executive leadership with clear visibility into organizational security posture and risk trends
Mentor and guide junior security professionals while contributing to program maturity through process improvements, governance frameworks, and tooling strategy development
Support regulatory compliance and audit activities by ensuring alignment with enterprise security policies, industry standards, and emerging technology risk management requirements
Establish and monitor key performance indicators for vulnerability remediation, creating accountability frameworks that drive measurable improvements in security outcomes
What We're Looking For:
Basic Required Qualifications:
7+ years of operational security experience in vulnerability management, application security testing, or technical project management within large-scale, distributed enterprise environments
Deep expertise in vulnerability assessment frameworks including CVE, CVSS, CWE, and experience with enterprise vulnerability management platforms such as Qualys, Tanium, Rapid7, or similar solutions
Strong application security knowledge with ability to assess risk, map vulnerabilities to exploitation techniques, and translate complex technical findings into actionable business recommendations
Experience with application security testing tools including DAST/SAST platforms such as Fortify, Checkmarx, Veracode, or equivalent application security testing solutions
Bachelor's degree in Computer Science, Cybersecurity, Information Technology or equivalent professional experience in information security roles
Proven leadership and influence capabilities with demonstrated ability to drive cross-functional initiatives and stakeholder alignment without direct authority
Excellent analytical and communication skills with the ability to present security risks and recommendations to both technical teams and executive audiences
Relevant information security certifications such as CISSP, CISM, CEH, GCIH, or equivalent industry-recognized credentials
Additional Preferred Qualifications:
Advanced vulnerability management expertise with experience leading complex assessments across on-premises and cloud environments, including network, application, and configuration scanning with a deep understanding of remediation strategies
Proficiency in security reporting and analytics tools such as Power BI, Tableau, or similar platforms for developing executive-level dashboards and security metrics visualization
Strong knowledge of information security frameworks including NIST Cybersecurity Framework, ISO 27001, and risk management methodologies with experience supporting audit and regulatory compliance activities
Foundational understanding of emerging technologies including cloud platforms, AI/ML systems, and associated security risks such as model vulnerabilities and data protection considerations
Compensation/Benefits Information: (This section is only applicable to US candidates)
S&P Global states that the anticipated base salary range for this position is $125,000 to $145,000. Final base salary for this role will be based on the individual’s geographic location, as well as experience level, skill set, training, licenses and certifications.
In addition to base compensation, this role is eligible for an annual incentive plan.
This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, please click here.
What’s In It For You?
Our Mission:
Advancing Essential Intelligence.
Our People:
We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all.From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. Join us and help create the critical insights that truly make a difference.
Our Values:
Integrity, Discovery, Partnership
Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals.
Benefits:
We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global.
Our benefits include:
Health & Wellness: Health care coverage designed for the mind and body.
Flexible Downtime: Generous time off helps keep you energized for your time on.
Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.
Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.
Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.
For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries
Global Hiring and Opportunity at S&P Global:
At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets.
Recruitment Fraud Alert:
If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to [email protected]. S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, “pre-employment training” or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here.
-----------------------------------------------------------
Equal Opportunity Employer
S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to: [email protected] and your request will be forwarded to the appropriate person.
US Candidates Only: Know Your Rights: Workplace discrimination is illegal
-----------------------------------------------------------
20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.2 - Middle Professional Tier II (EEO Job Group)