Engineering - Technology Risk - Reporting Team - Analyst - New York

US-NY-New York
Job ID
Schedule Type
Full Time
Vice President/Executive Director
Technology Risk
Employment Type


What We Do

At Goldman Sachs, our Engineers don’t just make things – we make things possible.  Change the world by connecting people and capital with ideas.  Solve the most challenging and pressing engineering problems for our clients.  Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action.  Create new businesses, transform finance, and explore a world of opportunity at the speed of markets.

Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions.  Want to push the limit of digital possibilities?  Start here.


Who We Look For

Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.




The Technology Risk team protects the systems and data of our firm and our clients, equips our people with understanding and tools to measure risk and enable the use of technology, and evangelizes controls monitoring solutions. 

The team encompasses Technology Risk Advisory, Business Continuity and IT Regulatory compliance (such as Sarbanes Oxley).  The global Technology Risk team currently has presence in New York, London, Tokyo, Bangalore, Hong Kong, Zurich, Moscow, Dallas and Beijing.  It covers all technology and business areas including subsidiaries and affiliates globally.

You will join one of the most progressive Technology Risk teams in the industry which continues to push the development of risk in preference to security within technology and the business.

Tech Risk Advisory Security Engineering’s core mission is to build controls into platforms to drive efficiency, re-use and lower the overall cost of maintaining the high level of control mandated at the firm. This role will act as the lead engineer, architect and strategist of this function with primary focus on delivering the engineering products necessary to integrate TechRisk review processes into AppCloud and CSF. Other focus points will be increased efficiency through automation and enabling the further reach of application security scanning by delivering on self-service tools for Application Security Champions throughout the firm. This role will also work closely with DPG on expanding the scope and reach of the Security Testing practices embedded in the Test Maturity Model.




Goldman Sachs Technology Risk is leading threat, risk analysis and data science initiatives that are helping to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain.

Global Risk Measurement & Analytics identifies control weakness, adherence to regulatory requirements, and allows for the continuous control monitoring of individual key performance indicators that demonstrate the value of information security. This program leverages tools and modeling to ensure technology policies and standards address critical risks and adequately address regulatory expectations throughout the Firm.



  • Design, develop and assist engineering teams in maintaining re-usable application security controls as embedded framework components
  • Driving adoption of security controls in application development as part of the Software Development Life Cycle (SDLC)
  • Contribute to the technical understanding and adoption of security control development, testing processes, standards, solutions and tools
  • Contribute to the implementation and refinement of the strategy for the Application Risk program both globally and in the region
  • Be highly committed both to achieving the deliverables and to the team itself
  • Work with engineers to develop customized security control strategy
  • Have the discipline and interpersonal skills to work well in a global environment, complementing teams in other locations
  • Provide deep level subject matter expertise in one or more areas, such as implementation of cryptography, authentication, specific development language implementation risks and secure design patterns




Basic Qualifications

  • Software development practices and frameworks
  • Development experience and proficiency in one of more languages, such as Java, C/C++, Objective C
  • Mobile application architecture and development
  • Software testing experience and understanding of role of testing in SDLC
  • Security control methodologies, tools and techniques
  • Ability to engage technical client base of engineers and communicate security and testing requirements, potential risks and influence development practices

Preferred Qualifications

  • Understanding of common application security vulnerabilities and controls to remediate
  • Medium-scale technical program management skills


The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

© The Goldman Sachs Group, Inc., 2018. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.