Application & Cloud Security Lead
Job Summary
About the Role:
Grade Level (for internal use):
11Role Summary
The Application & Cloud Security Lead will serve as a key security leader within the S&P Global Energy Division BISO team responsible for coordinating security initiatives across application cloud and AI-enabled environments. This role directly supports the protection of applications data systems and reputation by proactively managing cyber risk strengthening resilience and embedding security into everything we do.
The successful candidate will partner with technology product engineering cloud risk compliance and business stakeholders to ensure security is integrated into architecture delivery operations and innovation. The role will focus on security architecture reviews application security governance cloud security enforcement AI security oversight risk remediation and alignment with enterprise cybersecurity standards.
This position requires a hands-on security leader who can translate cybersecurity requirements into practical controls influence engineering teams guide secure design decisions and drive measurable improvements in cyber resilience across the Energy Division.
Key Responsibilities
Lead and coordinate application cloud and AI security initiatives across the S&P Global Energy Division in alignment with S&P Globals cyber risk management objectives.
Conduct security architecture reviews for applications APIs cloud platforms data flows integrations and AI-enabled solutions to identify risks and recommend secure design improvements.
Partner with engineering product architecture cloud and business teams to embed security requirements into solution design development deployment and operations.
Enforce application security controls including secure coding practices vulnerability remediation authentication authorization secrets management dependency security and software supply chain risk management.
Oversee cloud security control implementation across public cloud environments including identity and access management network security encryption logging monitoring workload protection and secure configuration.
Review and assess AI and machine learning use cases for security risks including data leakage prompt injection model exposure access control third-party AI risk and misuse scenarios.
Track prioritize and drive remediation of application cloud and AI security findings exceptions and risk acceptances in partnership with accountable technology owners.
Support cyber risk assessments compliance reviews audit requests and security reporting related to Energy Division applications cloud services and AI-enabled platforms.
Develop and maintain metrics dashboards and executive-level reporting to communicate security posture risk trends remediation progress and key security initiatives.
Serve as a trusted security advisor and liaison between the Energy Division and Enterprise cybersecurity teams promoting secure-by-design practices and consistent adoption of security standards.
Required Qualifications
Bachelors degree in Cybersecurity Computer Science Information Technology Engineering or a related field or equivalent professional experience.
5-8 years experience in cybersecurity with a strong focus on application security cloud security security architecture and/or technology risk management.
Experience conducting security architecture reviews for applications APIs cloud platforms data platforms and enterprise technology solutions.
Experience with DevSecOps CI/CD security container security Kubernetes security infrastructure-as-code scanning secrets management and software supply chain security.
Experience with cloud security tools such as CSPM CWPP CNAPP SIEM vulnerability management platforms container scanners and identity governance tools.
Familiar with AI security concepts such as prompt injection model access control sensitive data exposure model monitoring adversarial testing AI red teaming and third-party AI risk.
Experience working with public cloud environments such as AWS Azure or Google Cloud Platform.
Experience partnering with cross-functional stakeholders including technology product risk compliance privacy legal and business teams.
Strong written and verbal communication skills with the ability to explain technical security risks to both technical and non-technical audiences.
Ability to prioritise risks influence remediation and drive outcomes in a complex enterprise environment.
Relevant certifications such as CISSP SABSA CCSK Cloud Vendor Certifications (e.g. AWS Certified Security Specialty AWS Certified Solution Architect Google Professional Cloud Security Engineer) or equivalent credentials.
Whats In It For You
Our Mission:
Advancing Essential Intelligence.
Our People:
Were more than 35000 strong worldwideso were able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. Were committed to a more equitable future and to helping our customers find new sustainable ways of doing business. Join us and help create the critical insights that truly make a difference.
Our Values:
Integrity Discovery Partnership
Throughout our history the worlds leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do bring a spirit of discovery to our work and collaborate in close partnership with each other and our customers to achieve shared goals.
Benefits:
We take care of you so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global.
Our benefits include:
Health & Wellness: Health care coverage designed for the mind and body.
Flexible Downtime: Generous time off helps keep you energized for your time on.
Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
Invest in Your Future: Secure your financial future through competitive pay retirement planning a continuing education program with a company-matched student loan contribution and financial wellness programs.
Family Friendly Perks: Its not just about you. S&P Global has perks for your partners and little ones too with some best-in class benefits for families.
Beyond the Basics: From retail discounts to referral incentive awardssmall perks can make a big difference.
For more information on benefits by country visit: Hiring and Opportunity at S&P Global:
At S&P Global we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills experience and contributions. Our hiring practices emphasize fairness transparency and merit ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration we drive innovation and power global markets.
Recruitment Fraud Alert:
If you receive an email from a domain or any other regionally based domains it is a scam and should be reported to. S&P Global never requires any candidate to pay money for job applications interviews offer letters pre-employment training or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines fraudulent domains and how to report suspicious activityhere.
Equal Opportunity Employer
S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity color religion sex sexual orientation gender identity national origin age disability marital status military veteran status unemployment status or any other status protected by law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability please send an email to:and your request will be forwarded to the appropriate person.
US Candidates Only:Know Your Rights: Workplace discrimination is illegal
About Company
We provide Essential Intelligence: a combination of the right data, connected technologies and experts to enable our customers to make decisions with conviction.