Job Description This job is with S&P Global, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. About the Role: 1. Position Summary/The Opportunity We are seeking a visionary and deeply technical Principal Directory Services Architect to own the strategic direction … and technical integrity of our global identity and access infrastructure. This is a critical leadership role responsible for designing, building, and securing the directory services that form the bedrock of our enterprise IT environment. You will be the ultimate subject matter expert, guiding the evolution of our on-premises and cloud identity platforms to support our business … strategy, enhance our security posture, and enable a seamless user experience. This role requires a blend of strategic foresight, architectural mastery, and hands-on leadership. 2. Key Responsibilities Strategy & Architecture: Drive the technical architecture and evolution of the directory services ecosystem, playing a pivotal role in shaping the long-term strategic roadmap. Architect and design highly available, secure More ❯
Risk Ledger is developing a network of connected organisations, all working together to defend against cybersecurity attacks in the supply chain. Organisations rely on us to establish trust, through sharing their security maturity and visualising the risks posed by their supply chain ecosystem. And we're already trusted by customers like ASOS, Snyk, BAE Systems and the NHS. We … are putting together an amazing and talented team from a diverse set of backgrounds and skillsets to drive us towards our vision. Risk Ledger is built on the respect we have for one another and our users, united by our shared values and mission. Every one of us is still learning: it's how we grow as individuals. … And we're humble and honest. At Risk Ledger, we aim high to find the best solutions we can and always put our users first. This role: The Head of Information Security has a bucket load of responsibility to protect the business, inform key risk-based decisions, and operate confidently and expertly with the clear understanding that their More ❯
Perimeter Security: Establish platform perimeter security by implementing controls at ingress and egress points, including creating and maintaining an edge network with a Web Application Firewall (WAF), Distributed Denial of Service (DDoS) protection, and a Content Delivery Network (CDN). Access Control: Establish an access control baseline focusing on the principleofleastprivilege and … segregation of duties. Monitor and enforce these controls once roles and permissions are set. Security Controls: Design, implement, and maintain security controls to prevent, detect, and remediate insecure configurations, including defining and disseminating secure AWS/infrastructure baselines. Standards Development: Own the development and maintenance of tailored security standards and guidelines, creating reusable resources for various development teams. … AWS Security Services: Establish and manage AWS security services, including certificate authorities, encryption services, insecure configuration scanners, and security control canaries. Key requirements: Essential: 5+ years of experience in cloud security, particularly with AWS, and at least 2+ years in software development. Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability More ❯
