Lead II, Penetration Test/Incident Response Engineer

Grade Level (for internal use):

The Team:

S&P Ratings Security team focuses on protecting our clients and users from all aspects of modern-day security threats. The mission of our team is to safeguard systems and data by developing innovative solutions for the biggest security challenges. We are passionate problem solvers with deep security expertise.  

Responsibilities and Impact: We are seeking a lead security engineer with expertise in penetration testing, incident response, and forensics. The role focuses on penetration testing, with secondary duties in incident response. The candidate will conduct penetration tests, vulnerability scanning, threat assessments, attack simulations, and red/purple team assessments for S&P Ratings Applications and Services. Strong offensive security skills combined with experience in incident response and threat intelligence are key to identifying vulnerabilities and developing mitigation strategies.

Key Responsibilities:

• Penetration Testing & Vulnerability Assessments: Test web apps, infrastructure, and cloud environments for vulnerabilities using manual and automated techniques. Develop custom tools and scripts to improve testing in CI/CD pipelines.
• Vulnerability Management & Remediation: Work with teams to analyze vulnerabilities, create remediation plans, and enhance security in development and production using DAST, SAST, and SCA tools.
• Incident Response & Threat Intelligence: Support the Cyber Incident Response Plan (CIRP), assist in incident detection, containment, and analysis, and use MITRE ATT&CK to track and counter threats.
• Attack Simulations & Research: Lead attack simulations, research new attack vectors, and design threat assessments based on intelligence feeds and external analysis.
• Security Communication & Reporting: Present findings and remediation steps to both technical and non-technical stakeholders.

What We’re Looking For: Required Qualifications:

• Bachelor’s degree or equivalent experience in computer science, Information Systems, or related field.
• 8+ years in security engineering, focusing on penetration testing, vulnerability assessments, and incident response.
• Proficiency with penetration testing tools (e.g., Burp Suite, Nessus, Metasploit, Nmap).
• Expertise in identifying and exploiting web app and infrastructure vulnerabilities (CVE, CVSS, CWE).
• Familiarity with secure software development lifecycle and secure coding.
• Strong scripting skills in Python, GoLang, PowerShell, or JavaScript.
• Experience with Java application technologies and security practices.
• Experience in Seurity Assessments: DAST, SAST, SCA, and CI/CD security testing tools.

Preferred Qualifications:

• Advanced understanding of MITRE ATT&CK and its application in penetration testing and incident response.
• Experience with cloud security (AWS, Azure, GCP).
• Familiarity with regulatory compliance (e.g., GDPR, HIPAA).
• Relevant certifications (e.g., OSCP, OSCE, GIAC).
• Experience in incident response, forensic analysis, and cyber threat intelligence.
• Ability to thrive …