Software Engineer - Security

Kensho is a 100-person Machine Learning (ML) and Natural Language Processing (NLP) company, centered around providing cutting-edge solutions to meet the challenges of some of the largest and most successful businesses and institutions. We are owned by S&P Global and operate independently. Our toolkit illuminates insights by helping the world better understand, process, and leverage messy data. Specifically, Kensho’s solutions largely involve speech recognition (ASR), entity linking (NED), structured document extraction, automated database linking, text classification, and more.

​

As a security-focused software engineer at Kensho, you are a thoughtful, collaborative, and seasoned technologist who will be working closely with the Infrastructure team to ensure security across a number of systems and web applications. You will help us protect network boundaries, keep systems and network devices against attacks and provide security frameworks and processes to protect confidential data like passwords and client information.

​

At Kensho, we hire talented people and give them the freedom, support, and resources needed to accomplish our shared goals. We believe in flexibility-first and give our employees the opportunity to work from where they feel most productive and engaged (must be in the United States). We also value in-person collaboration, so there may be times when travel to one of our Kensho hubs (e.g., Cambridge, MA or NYC) will be required for team meetings or company events.

​

Kensho states that the anticipated base salary range for the position is 130k-175k. In addition, this role is eligible for an annual incentive bonus and equity plans. At Kensho, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case.

​

What You'll Do:

​

• Design and implement security controls and processes across Kensho and provide monitoring to ensure compliance.
• Analyze and recommend security practices and tools for engineering teams to incorporate into the software development lifecycle.
• Execute security architecture reviews for e2e application frameworks.
• Implement security frameworks to ensure Kensho maintains a security envelope aligned with S&P Global standards.
• Implement procedures to respond to and recover from security incidents.
• Perform static and dynamic vulnerability assessments and incorporate tools in the SDLC using commercial and open source tools.
• Manage Web Application Firewall (WAF) operation and tuning.
• Monitor Cloud Security Posture (CSP) tools and work with Infrastructure teams to achieve compliance.
• Support network security tools such as firewalls and DNS filtering.
• Support SIEM integration for the security stack.
• Manage Container security tool operation and tuning.
• Develop compliance as code processes to ensure continuous compliance.

​

What We Look For:

​

• Three or more years of experience as a security engineer.
• Experience securing modern web applications and distributed data infrastructure in a cross-team setting.
• Strong understanding of cryptography and current best practices.
• Experience with penetration testing tools, techniques and methodologies and understanding of common vulnerabilities and remediation strategies.
• One or more years experience writing code in Python, Javascript, Java, or Go.
• Familiarity with core networking concepts and standard protocols such as TCP, UDP, and HTTP. 
• Prior experience working with enterprise security technologies such as firewalls, IDS/IPS, AntiVirus/EDR, or Security Information and Event Management systems. 
• Ability to apply risk management tools and methodologies.
• Experience conducting or facilitating IT security audits. 
• Familiarity with security models for cloud providers such as AWS, Azure and GCP.

​

​

Technology You'll Encounter:

​

• Python, Linux, Docker, Kubernetes, Git, Jenkins, Terraform, Jsonnet, Kafka, ElasticSearch

​

​

At Kensho, we pride ourselves on providing top-of-market benefits, including:

​

• Medical, Dental, and Vision insurance 
• 100% company paid premiums
• Unlimited Paid Time Off
• 26 weeks of 100% paid Parental Leave (paternity and maternity)
• 401(k) plan with 6% employer matching
• Generous company matching on donations to non-profit charities
• Up to $20,000 tuition assistance toward degree programs, plus up to $4,000/year for ongoing professional education such as industry conferences
• Plentiful snacks, drinks, and regularly catered lunches
• Dog-friendly office (CAM office)
• In-office gyms and showers (CAM, DC)
• Bike sharing program memberships
• Compassion leave and elder care leave
• Mentoring and additional learning opportunities
• Opportunity to expand professional network and participate in conferences and events 

​

About Kensho

​

Kensho is an Artificial Intelligence company that builds solutions to uncover insights in messy and unstructured data that enable critical workflows and empower businesses to make decisions with conviction.

Kensho was founded in 2013 and was acquired by S&P Global in 2018. Kensho continues to operate as a startup in order to maintain our distinct, independent brand and to promote our breakthrough, innovative culture. Our team of Kenshins enjoy a dynamic and collaborative work environment that runs autonomously from S&P Global, while leveraging the unparalleled breadth and depth of data and resources available as part of S&P Global.  As Kenshins, we pride ourselves on maintaining an innovative culture that depends on diversity and inclusion.

We are an equal opportunity employer that welcomes future Kenshins with all experiences and perspectives. Kensho is headquartered in Cambridge, MA, with offices in New York City, and Washington D.C.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.