SG
S&P GlobalCloud & Application Security Engineer
Cloud & Application Security Engineer building security - first culture across the firm. Working with development and operations teams to remediate vulnerabilities and drive security practices.
About the role
- partner with Security Engineering Enablement and Security Architecture to design and ship secure software
- secure code reviews and help define requirements on prerelease control validation (SAST/DAST/SCA, API security, Container/IaC scans)
- Drive fix-first coaching—turn findings into clear remediation guidance and code examples
- operate, administer, and continuously improve our off the shelf AppSec and CloudSec tools
- Triage and disposition vulnerabilities across SAST/DAST/SCA/API/IaC/CSPM sources
- partner with Cloud Platform teams to harden AWS/Azure/GCP environments using CSPM/CNAPP controls
- support system administration, configuration, and maintenance for the AppSec/CloudSec/WAF toolset
- evaluate security tools on an ongoing basis
- serve as first-line triage for Responsible Disclosure submissions
- ensure consistent communications with Responsible Disclosure reporters and internal stakeholders
- use scripting/automation (Python, PowerShell, Bash, REST APIs, Terraform modules, GitHub Actions/Azure DevOps/GitLab CI)
- stakeholder for helping design Secure Pipelines
Requirements
- Bachelor’s degree in a related discipline and 6 years’ experience in a related field
- 2 years in Application / Product security or software engineering with a strong security focus
- Hands on depth with modern SDLC/DevSecOps in cloud-native environments: microservices, APIs, containers/Kubernetes, serverless, IaC (Terraform/CloudFormation/ARM/Bicep), and CI/CD integration
- Practical expertise operating and tuning SAST, DAST, SCA, API testing, IaC/container scanners, plus CNAPP for multi cloud
- Scripting/automation proficiency (Python preferred; PowerShell/Bash nice) and REST API integration skills
- Strong knowledge of OWASP Top 10, ASVS, SAMM, NIST SSDF, CSA CCM, secure design patterns, cryptography fundamentals, authN/Z (OAuth2/OIDC/JWT)
- Experience triaging responsible disclosure or bug bounty reports and driving coordinated remediation with product teams
- Familiarity with software supply chain security (SBOMs, signing, provenance, dependency risk) and runtime protection (RASP, WAF/WL, EDR for containers)
- Strong understanding of cloud architecture and infrastructure
Benefits
- The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations
- seven paid holidays throughout the calendar year
- up to 160 hours of paid wellness annually for their own wellness or that of family members
- additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave
- health care insurance (medical, dental, vision)
- retirement planning (401(k))
- paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO)
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Kafka Engineer managing real - time streaming pipelines with a focus on scaling and fault tolerance. Collaborating with DevOps teams to automate deployments and monitoring for enterprise systems.
Module Application Engineer focusing on developing suspension systems for major OEMs. Collaborating with technology partners to enhance vehicle performance and reliability.
Field Application Engineer collaborating with key customers in France. Supporting technical growth and aligning customer needs with AT&S solutions.
DA
Product Application Engineer for Danfoss Power Solutions segment. Providing technical support and training for products and customers in Xuzhou, China.
DA
DanfossSenior Application Engineer
Senior Application Engineer providing technical and product support across the Asia Pacific region. Supporting installations, troubleshooting, and customer training for HVAC systems.
PK
Poly-clip System GmbH & Co. KGApplication Engineer
Application Engineer consulting clients on solutions in automation and adhesive fields. Involves customer relationship management and participation in industry events.
DA
DanfossProduct Application Engineer
Product Application Engineer identifying solutions for customers with hydraulic valves and pumps at Danfoss, driving technical excellence and collaborative problem - solving.
IS
Illinois Department of Human ServicesSenior GIS Application Engineer
Senior GIS Application Engineer designing and maintaining ESRI - based GIS infrastructure for impactful geospatial solutions at TfL. Supporting the organization with reliability and performance of GIS systems.
BR
BrillioApplication Support Engineer
Application Support Engineer responsible for production support and improving application performance at Brillio, enhancing customer satisfaction through technical expertise.