Application Security Automation Specialist - Marcus Global - Trust & Tech Risk

Consumer and Commercial Banking (CCBD)
Consumer and Commercial Banking brings innovative solutions to traditional banking activities. We are a global team of lenders, investors, risk managers, skilled marketers, web experts and banking specialists. We provide a suite of solutions to help our customers meet their personal financial goals. We make direct investments in, and risk manage, a portfolio of corporate loans and securities. And we help transform distressed communities through investments and loans of private capital.

Digital Finance
Digital Finance, a business unit within CCBD, is comprised of the firm's digitally-led consumer businesses, which include the Marcus deposits and lending businesses, as well as the personal financial management app, Clarity Money. Digital Finance combines the strength and heritage of a 149-year-old financial institution with the agility and entrepreneurial spirit of a tech start-up. Through the use of machine learning and intuitive design, we provide customers with powerful tools that are grounded in value, transparency and simplicity to help them make smarter decisions about their money.


• Digital Finance Trust and Technology Risk - Application Security Specialist will be an individual contributor responsible for securing the applications (Web/API/Mobile) managed by Marcus
• The position is hands-on and requires close collaboration with Product Management, Engineering, Program Management, and Dev Ops teams
• The Application Security Specialist will act as a security advisor to architects, developers, analysts and others to ensure we design confidentiality, integrity, resiliency, and privacy into the platform
• Drive adoption of embedded application security controls as part of the Software Development Life Cycle (SDLC) in Agile methodology, including automated tools
• Conduct Secure Code Reviews and facilitate or conduct Penetration Testing
• Assist in implementation of security-related product features like authentication, cryptography, etc.
• Support and enhance the application security champion programme

• 3-7 years' experience in application security or related fields and risk analysis techniques
• Energetic, self-directed and self-motivated, able to build and sustain long-term relationships with colleagues.
• You must have experience managing multiple tasks and using sound judgment when managing risks, prioritizing and escalating.
• You must be able to work with deeply technical engineers, identify gaps that need addressing, and hold them to account.
• Security testing methodologies, tools and techniques - understanding of common application security vulnerabilities and controls to remediate
• Expert knowledge of application security best practices including OWASP and CWE
• Hands-on software development and/or application Penetration Testing experience in complex environments an advantage
• The successful candidate will be able to balance project management trade-offs, own decisions and communicate effectively with senior stakeholders across business, partners, vendors, internal technology stakeholders and technology peers, with an eye towards influencing and driving positive business outcomes.
• Strong desire to learn and contribute solutions and ideas to a broad team.
• Exposure to Lean, Agile, and DevOps

Preferred Qualifications
• BSc or Master's degree or equivalent experience
• Any of CSSLP / CISSP / CCSP / OSCP an advantage
• Experience working in Agile development and scrum teams
• Hands-on experience with cloud security/designing secure systems on AWS


The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

© The Goldman Sachs Group, Inc., 2019. All rights reserved. Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.
