
Associate Director - Application Security

Job in New York, New York County, New York, 10261, USA
Listing for: S&P Global
Full Time position
Listed on 2026-06-03
Job specializations:
  • IT/Tech
    Cybersecurity, AI Engineer, Cloud Computing, Data Security
Salary/Wage Range or Industry Benchmark: 125000 - 165000 USD Yearly
Location: New York

About the Role

The DevSecOps Engineer – CI/CD & Application Security focuses on embedding application security and cloud security controls directly into CI/CD pipelines and developer workflows. This role drives shift‑left security by designing, implementing, and operating automated security guardrails across source code, build, and deployment pipelines in cloud‑native environments.

Key Responsibilities
  • Design, implement, and operate application security controls integrated into CI/CD pipelines, ensuring secure software delivery by default.
  • Embed automated AppSec checks across code, dependencies, builds, and deployment workflows aligned with shift‑left principles.
  • Define and maintain secure CI/CD reference architectures and patterns for enterprise cloud‑native applications.
  • Partner with engineering teams to integrate security seamlessly into developer workflows, minimizing friction and manual intervention.
  • Develop reusable pipeline templates, policy controls, and automation to scale AppSec and DevSecOps practices across teams.
  • Secure pipeline infrastructure and credentials, protecting against build manipulation, secret leakage, and provenance risks.
  • Integrate CI/CD security findings with broader application and cloud security monitoring workflows.
  • Investigate and respond to application and pipeline‑related security findings, partnering with Security Operations as required.
  • Contribute to cloud security posture by aligning pipeline and application controls with cloud security best practices.
  • Embed security controls for AI/ML and GenAI workloads within CI/CD pipelines and developer workflows.
  • Define and enforce secure usage patterns for LLMs and AI services, including prompt handling, data protection, and model access controls.
  • Implement safeguards against AI‑specific threats, including prompt injection, model poisoning, data leakage, and insecure model outputs.
  • Integrate AI security scanning and validation into build pipelines, ensuring safe model usage and dependency integrity.
  • Collaborate with engineering teams to establish secure‑by‑design AI application architectures.
  • Ensure compliance with enterprise Responsible AI policies (data privacy, bias management, model governance).
  • Secure AI‑related secrets, tokens, and API access used in pipelines and applications.
  • Monitor and respond to security risks introduced by AI/ML components, including third‑party models and APIs.
  • Contribute to AI risk governance, auditability, and traceability across the SDLC.
  • Stay current on emerging AI security threats, vulnerabilities, and regulatory expectations.
  • Author documentation, standards, and training to drive developer adoption of secure CI/CD and AppSec practices.
  • Continuously evaluate emerging application security and software supply chain threats and improve controls accordingly.
Required Qualifications
  • Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or equivalent experience.
  • 3–6 years of experience in DevSecOps, Application Security, or Platform Security roles.
  • Strong hands‑on experience securing CI/CD pipelines using GitHub, Jenkins, and Azure DevOps.
  • Solid understanding of application security concepts (secure coding, dependency risk, pipeline hardening, secrets management).
  • Foundational understanding of AI/ML and Generative AI concepts, including LLMs and model lifecycle.
  • Knowledge of AI/ML security risks such as prompt injection, data poisoning, model evasion, and data leakage.
  • Experience integrating AI or ML components into applications or pipelines (preferred hands‑on exposure).
  • Familiarity with Responsible AI principles and AI governance frameworks.
  • Experience implementing shift‑left AppSec controls in modern SDLCs.
  • Experience working in cloud environments (Azure, AWS, or GCP).
  • Proficiency with scripting or programming languages (Python, Go, Java, etc.).
  • Familiarity with containerized build and deployment models.
  • Strong understanding of software supply chain security risks.
Preferred Qualifications
  • Experience with policy‑as‑code and automated security governance
  • Knowledge of Kubernetes, container security, and cloud‑native application architectures
  • Experience integrating AppSec signals into…
Position Requirements
10+ Years work experience