Marquee Engineering - Application Security Engineer

US-NY-New York
Job ID
Schedule Type
Full Time
Vice President/Executive Director
Marquee Engineering
Employment Type


Marquee Engineering - Application Security Engineer 


The Marquee team at Goldman Sachs is responsible for delivering digital products to our institutional client base. We design and build highly scalable web platforms that provide access to Goldman Sachs content, portfolio analytics, risk, and execution services.  These tools help to transform and simplify client experiences while generating new revenue streams and business models for a leader in global financial markets. Marquee is a product driven team, composed of talented and passionate product managers, designers, and engineers working to change the expectation of institutional finance.


The position is for an experienced technologist with significant experience in Application Security with a core focus of application security architecture, design and implementation reviews through code analysis and hands on testing to drive more efficient and complete continuous assessment of application controls.


This position will have broad involvement in various Technology Risk domains, such as:

  • Influencing the overall direction for securing applications at the firm
  • Application security requirements and establishing baselines for emerging technologies
  • Implementation testing through code analysis, automated tools and manual testing
  • Collaboration with Engineering platform teams to build controls into firm biased technology
  • Driving automation for security control testing into the firm’s standard SDLC



  • Contribute to the implementation and refinement of the strategy for the Application Risk program
  • Drive adoption of embedded application security controls as part of the Software Development Life Cycle (SDLC)
  • Assess applications for design related security risks and assist teams in determining appropriate remediation for issues identified
  • Provide guidance on existing and emerging threats in the web and mobile application space
  • Contribute to the technical understanding and adoption of information security standards, solutions and tools
  • Have the discipline and interpersonal skills to work well in a fast-paced environment.
  • Provide subject matter expertise multiple areas
  • Work with engineers to develop customized security testing strategy
  • Evaluation of both industry standard and proprietary application security controls (e.g. authentication, authorization, input validation, output sanitization, error handling, application resilience) against firm policies and standards
  • Perform Design Review of process-level application architectures to ensure appropriate control specification at design time
  • Oversee Code Review and automated testing processes of application security control implementations in Java, C, C++, C#, and ASP.Net
  • Drive implementation of security controls in platforms in technology teams
  • Define clear, meaningful metrics for measuring compliance 



Work on some of the most complex technical and design challenges in technology and finance

  • Learn from the foremost experts in finance, technology, and math who are diverse in their academic, ethnic, and social backgrounds
  • Benefit from ongoing training, development, and mentoring to advance in your career


The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

© The Goldman Sachs Group, Inc., 2017. All rights reserved
Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.