Associate Software Development Engineer – Information Security
Key Responsibilities
Secure Development Guidance: Assist in providing actionable security guidance to engineering teams across server-side development, UI frameworks, and cloud integrations.
Threat Modeling & Reviews: Partner with senior engineers to perform threat modeling, secure design reviews, and secure code reviews—with a growing focus on auditing AI agents, LLM pipelines, and cognitive workflows.
AI Risk Assessment: Assist in identifying vulnerabilities unique to AI systems (such as prompt injection, data poisoning, and insecure output handling) and help evaluate new AI technologies adopted by the business.
Security Automation: Leverage Python and open-source security tools to build, maintain, and automate security testing within the CI/CD pipeline.
Vulnerability Research: Help analyze, triage, and remediate vulnerabilities discovered during automated scans or manual testing, acting as a technical advisor for engineering teams.
Repeatable Security Patterns: Implement and support repeatable application security blueprints, ensuring applications and AI agents are appropriately sandboxed and segmented based on data sensitivity.
Continuous Learning: Keep pace with evolving security trends, zero-day vulnerabilities, and emerging frameworks for securing AI architectures (such as the OWASP Top 10 for LLMs).
Basic Qualifications
Education: Bachelor’s degree in Computer Science, Information Security, a related technical field, or equivalent practical experience.
Experience: 1year or more of professional experience in Information Security, Application Security, or a highly security-focused software development role.
Technical Skills & Core Competencies
Scripting & Programming: Proficiency in Python for security scripting, automation, or data handling (exposure to Java or JavaScript/Angular is a plus).
AI/LLM Awareness: Foundational knowledge of AI concepts, LLM architectures, or AI agents, including an understanding of how to securely interact with APIs and handle data privacy in AI workflows.
Application Security Basics: Familiarity with core AppSec concepts, web services, microservices/SOA architecture, and standard vulnerability frameworks (OWASP Top 10).
Network & Cryptography Fundamentals: Solid understanding of TCP/IP networking, transport layer security (TLS/DTLS), PKI, certificate management, and basic encryption concepts
Additional Information
Education: Bachelor’s degree in Computer Science/Information Security
S&P Global is a leading provider of transparent and independent ratings, benchmarks, analytics, and data spanning capital markets, commodities, and sustainability headquartered in New York City, powering $20+ trillion in asset management through flagship products like S&P 500, Ratings, Market Intelligence, and Commodity Insights worldwide. Founded through the 1860 merger of Henry Varnum Poor's railroad manuals and Standard Statistics, S&P Global serves 95%+ of Fortune 500 companies via major India hubs in Hyderabad, Bangalore, and Gurgaon driving financial data platforms and ESG analytics innovation.
⚠️
Note: If the link is expired, the opportunity is closed or disabled by the company. Check for other opportunities.