• Technology Risk - Advisory - VP Security Engineering

    Location(s) US-TX-Dallas
    Job ID
    2018-48126
    Schedule Type
    Full Time
    Level
    Vice President/Executive Director
    Function(s)
    Technology
    Region
    Americas
    Division
    Engineering
    Business Unit
    Technology Risk
    Employment Type
    Employee
  • MORE ABOUT THIS JOB

    What We Do
    At Goldman Sachs, our Engineers don’t just make things – we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets.

    Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions. Want to push the limit of digital possibilities? Start here.

    Who We Look For:
    Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.

    Goldman Sachs Technology Risk is leading threat, risk analysis and data science initiatives that are helping to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain.

    Tech Risk Advisory delivers best in class advisory support and technology solutions across the information security risk domain including scalable uplifts of common core security solutions for use across Goldman Sachs. Our team prevents the misuse, unauthorized disclosure, or loss of firm data across e-mail, file transfer, and the Internet. We ensure business continuity and technology resilience by safeguarding Goldman Sachs from major operational disruptions through preventative measures including business planning, capability design, and mitigation testing.

    The Security Engineering team with Technology Risk Advisory delivers best in class advisory support and technology solutions across the division. This includes scalable advancements to common core security solutions used across Goldman Sachs. As part of the Security Engineer team, you will operate and optimize our existing systems and infrastructure while also making continual enhancements to our operations. In this position you will work to balance the empowerment and enablement of the security engineering team with need for reliable, high performing systems.

    Goldman Sachs Technology Risk is leading threat, risk analysis and data science initiatives that are helping to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain.

    Tech Risk Advisory delivers best in class advisory support and technology solutions across the information security risk domain including scalable uplifts of common core security solutions for use across Goldman Sachs. Our solutions are designed to prevent the misuse or unauthorized disclosure of sensitive information. We ensure business continuity and technology resilience by safeguarding Goldman Sachs from major operational disruptions through preventative measures including business planning, capability design, and the testing of mitigation options.

    RESPONSIBILITIES AND QUALIFICATIONS

    How you will fulfill your potential
    • Support the Technology Risk Advisory function by working in a team of highly motivated staff and ensure that our SDLC security touch points are providing maximum value and flexibility to the TechRisk team and business teams.
    • Develop automation and processes to enable teams to deploy, manage, configure, scale, and monitor their applications.
    • Actively participate in high level team activities such as suggesting architecture improvements, recommending process improvements, and conducting tool evaluations.
    • Help solve business needs by evaluating different technology options and vendor products.
    • Develop new security capabilities and integrate them into the development and operations process of the firm
    • Troubleshoot system problems across platform and application domains and participate in on-call escalations to diagnose customer facing issues.
    • Participate in Proof-Of-Concept activities to explore and evaluate security tools supporting Continuous Integration, Continuous Deployment, and Continuous Delivery
    • Drive adoption of security tools through their seamless integration with development activities
    • Proactively investigate new opportunities for security tools and their automation across agile and hybrid teams
    • Working well in a global environment and complementing teams in other locations

    Skills and experience we are looking for:
    • Minimum of 6 years of applicable Software and/or Security Engineering experience
    • Hands-on experience with Java
    • Working knowledge of Spring/Spring Boot is a plus
    • Working knowledge with web-based frameworks like Angular and React
    • Working experience with DevOps tools and automated SDLC processes
    • Applied knowledge in scripting languages
    • Proficiency in problem solving, analytical, and organizational


    Preferred qualifications:
    • Excellent verbal and written communication skills
    • Bachelor of Computer Science, System/Computer Engineering, Cyber-or Information Security or equivalent work experience.
    • Basic understanding of application security
    • Basic understanding of SDLC related security tasks such as test development and source code analysis tools
    • Familiarity with API programming
    • Familiarity with CI tools such as Jenkins
    • General networking principles (DNS, TCP/IP, Ports, etc.)
    • 5 years of *nix systems administration experience
    • 3 years of experience in software development, including deep knowledge of Java
    • Experience using container technologies or deploying a micro-services architecture
    • Experience with configuration management tools
    • Experience with git
    • Bash scripting experience
    • Experience installing and configuring software packages
    • Experience with a scripting language like Python
    • Experience with monitoring tools
    • Experience with PKI
    • Knowledge of network and system security best practices
    • Experience supporting environments of 10+ servers
    • Experience with cloud development and architectures

    Bonus points:
    • Experience with Jenkins and GitLab
    • Experience in a PCI compliant environment
    • Experience with Java software development

    ABOUT GOLDMAN SACHS

    The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

    © The Goldman Sachs Group, Inc., 2018. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.

    Options