S&P Global Market Intelligence
Financial Markets
AssociateDirector,Security&Compliance
“Associate Director, Security & Compliance at S&P Global Market Intelligence. Skills: Penetration Testing, Red Teaming, Application Security, Cloud Security. Execute application and cloud penetration testing. Plan and conduct red team activities”
What You'll Achieve.
ensure safe, authorized, and controlled operations; improve coverage, efficiency, and testing quality; ensure exploit paths are fully closed and do not regress; drive education and stronger proactive security posture
Industry & Context.
proactively identifying exploitable risks; effectively remediating risk; providing solutions and guidance
What They're Looking For.
Must Have
10+ years of experience in penetration testing, red teaming, application security, or offensive security engineering, expertise in web, API, and cloud-native testing, including authentication, authorization, and identity abuse scenarios, Experience testing modern architectures (microservices, CI/CD pipelines, containers, SaaS), Hands-on scripting or development experience (e.g., Python, Go, JavaScript) to support exploit development and automation, Familiarity with OWASP Top 10, CWE/SANS Top 25, and secure development practices, Demonstrated experience operating within formal red team programs that include rules of engagement, legal authorization, and incident response coordination, Proven ability to partner effectively with engineering, AppSec, Cloud Security, and Incident Response teams, written and verbal communication skills, with the ability to convey risk to both technical and business stakeholders at all levels
Nice to Have
Offensive security certifications (e.g., OSCP, OSCE, GXPN, CRTO or equivalent experience), Experience testing AI-enabled or agentic systems, Experience with threat modeling and secure architecture review
What You'll Do.
Execute application and cloud penetration testing
Plan and conduct red team activities
Leverage AI-assisted testing techniques
Engage with product and engineering teams
Facilitate timely remediation
Validate remediation effectiveness
Drive education and security posture
Produce management-ready reports
Contribute to offensive security standards
How You'll Work.
Team & Collaboration
Partner closely within MI and Enterprise security; Engage directly with product and engineering teams; Partner effectively with engineering, AppSec, Cloud Security, and Incident Response teams
Communication Scope
written and verbal communication skills; convey risk to technical and business stakeholders
Applying for this Associate Director, Security & Compliance role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about S&P Global Market Intelligence?
Real rants from real employees. Read before you apply.