Senior Security Engineer II

Kensho is S&P Globals hub for AI innovation and transformation. With expertise in Machine Learning and data discovery we develop and deploy novel solutions for S&P Global and its customers worldwide. Our solutions help businesses harness the power of data and Artificial Intelligence to innovate and drive progress. Kenshos solutions and research focus on speech recognition entity linking document extraction automated database linking text classification natural language processing and more.

As a Security Engineer at Kensho you are a thoughtful collaborative and seasoned technologist who will be working closely with the Infrastructure and product teams to ensure security across a number of systems and web applications. You will help us protect network boundaries keep systems and network devices against attacks and provide security frameworks and processes to protect confidential data like passwords and client information.

We also value in-person collaboration so this role will be hybrid working on-site a minimum of two days a week at one of our Kensho hubs (Cambridge MA or NYC) with additional on-site participation in team meetings or company events as required.

Kensho states that the anticipated base salary range for the position is 160k-190k. In addition this role is eligible for an annual incentive bonus and equity plans. At Kensho it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case.

What Youll Do:

• Implement security frameworks to ensure Kensho maintains a security envelope aligned with S&P Global standards.

• Developing and updating security plans: Planning and managing security projects and initiatives

• Emergency response: Demonstrating excellent surveillance and emergency response skills

• Identifying and mitigating security vulnerabilities: Perform static and dynamic vulnerability assessments and incorporate tools in the SDLC using commercial and open source tools.

• Implementing de-escalation techniques: Prioritizing training in de-escalation techniques to effectively deal with conflicts

• Maintain a GenAI security posture: Help establish and enable a GenAI security posture at an enterprise scale and have complete oversight of the AI Accelerator Security program

• Risk assessment and management: Spotting risky behaviors and configurations in critical infrastructure components to stop network intrusions and preempt cyberattacks

• Auditing policies and controls continuously: Driving the cybersecurity process forward by regularly auditing the policies and controls in place

• Building a vulnerability management program: Ensuring that people in the organization continuously check for known vulnerabilities and take appropriate steps to remediate them

• Design and implement security controls and processes across Kensho and provide monitoring to ensure compliance.

• Analyze and recommend security practices and tools for engineering teams to incorporate into the software development lifecycle.

• Execute security architecture reviews for e2e application frameworks.

• Cloud Security Posture Management (CSPM) working with Infrastructure teams to continuously improve.

• Support SIEM integration for the security stack.

What Youll Need:

• Five or more years of experience as a security engineer.

• Experience securing modern web applications and distributed data infrastructure in a cross-team setting.

• Prior experience working with enterprise security technologies such as WAF CSPM OAuth2 and SIEM.

• Strong understanding of cryptography and current best practices.

• Experience with penetration testing tools techniques and methodologies and understanding of common vulnerabilities and remediation strategies.

• Three or more years experience writing code in Python Javascript Java or Go.

• Experience conducting or facilitating IT security audits.

• Familiarity with security models for cloud providers such as AWS Azure and GCP.

• Familiarity with core networking concepts and standard protocols such as TCP UDP and HTTP

Technology Youll Encounter:

• Python Linux Docker Amazon EKS Git Jenkins Terraform Jsonnet Wiz Splunk Okta

• LLMs and agentic AI architecture

How to Really Get Our Attention:

• Experience securing services and applications running on Kubernetes

• Experience securing DevSecOps pipelines

• Experience with incident response

• Experience operating within a regulated financial institution or other regulatory environment

• Relevant research publications and patents

At Kensho we pride ourselves on providing top-of-market benefits including:

• Medical Dental and Vision insurance

• 100% company paid premiums

• Unlimited Paid Time Off

• 26 weeks of 100% paid Parental Leave (paternity and maternity)

• 401(k) plan with 6% employer matching

• Generous company matching on donations to non-profit charities

• Up to $20000 tuition assistance toward degree programs plus up to $4000/year for ongoing professional education such as industry conferences

• Plentiful snacks drinks and regularly catered lunches

• Dog-friendly office (CAM office)

• Bike sharing program memberships

• Compassion leave and elder care leave

• Mentoring and additional learning opportunities

• Opportunity to expand professional network and participate in conferences and events

Recruitment Fraud Alert:

If you receive an email from a domain or any other regionally based domains it is a scam and should be reported to. S&P Global never requires any candidate to pay money for job applications interviews offer letters pre-employment training or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines fraudulent domains and how to report suspicious activityhere.

We are an equal opportunity employer that welcomes future Kenshins with all experiences and perspectives. Kensho is headquartered in Cambridge MA with an additional office location in New York City. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity or national origin.