Application Security Specialist - CIMD - Marcus by Goldman Sachs Engineering



Consumer and Investment Management (CIMD)

The Consumer and Investment Management Division includes Goldman Sachs Asset Management (GSAM), Private Wealth Management (PWM) and our Consumer business (Marcus by Goldman Sachs). We provide asset management, wealth management and banking expertise to consumers and institutions around the world. CIMD partners with various teams across the firm to help individuals and institutions navigate changing markets and take control of their financial lives.

Consumer

Consumer, externally known as Marcus by Goldman Sachs, is comprised of the firm's digitally-led consumer businesses, which include our deposits and lending businesses. It also includes our personal financial management app, Clarity Money. Consumer combines the strength and heritage of a 150-year-old financial institution with the agility and entrepreneurial spirit of a tech start-up. Through the use of insights and intuitive design, we provide customers with powerful tools that are grounded in value, transparency and simplicity to help them make smarter decisions about their money.

RESPONSIBILITIES AND QUALIFICATIONS

HOW YOU WILL FULFILL YOUR POTENTIAL

  • Design secure applications (Web/API/Mobile) managed by Marcus
  • Collaborate closely in a hands-on environment with Architecture, Product Management, Application Development, Program Management and Dev Ops teams
  • Act as a security advisor to ensure we embed security into the platform, through secure application, network and system design
  • Ensure security and privacy by design, including design process improvements, assessment of controls, data models, cryptographic implementation, and compliance and regulatory needs
  • Ensure third-party software and services are evaluated for requisite controls
  • Contribute to design documentation to help capture security controls


SKILLS AND EXPERIENCE WE ARE LOOKING FOR
  • 3-7 years' experience in application security or related fields and risk analysis techniques
  • Expert knowledge of application security best practices including OWASP and CWE
  • Security testing methodologies, tools and techniques - understanding of common application security vulnerabilities and controls to remediate
  • Understanding of web applications and microservice architecture


Preferred Qualifications
  • Proficient communication skills and an effective team player
  • Hands-on-experience with cloud security/designing secure systems on AWS
  • Working experience in Agile development and scrum teams


ABOUT GOLDMAN SACHS

The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

© The Goldman Sachs Group, Inc., 2019. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.


Back to top