Information Security Associate, Client Security and Compliance - CWMD, PWM Engineering
- Dallas, TX
MORE ABOUT THIS JOB
What We Do
At Goldman Sachs, our Engineers don't just make things - we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets .
Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions. Want to push the limit of digital possibilities? Start here.
Who We Look For
Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.
RESPONSIBILITIES AND QUALIFICATIONS
Private Wealth Management
Goldman Sachs Private Wealth Management (PWM) specializes in creating comprehensive wealth management plans for high net worth individuals and families, as well as select institutions, including foundations and endowments. PWM teams work one-on-one with clients to advise and deliver customized strategies drawn from deep investment experience, diverse wealth management capabilities and global reach.
The Information Security Associate for Consumer & Wealth Management Technology Risk will be part of a team that manages the technology risk portfolio and roadmap. This individual works with broad range of risk partners across the firm to implement and adopt security solutions. In this position, you will have tremendous impact and bring ideas about how to take our Technology Risk team to the next level.
This information security role is a key component of our revenue growth. This individual engages in new and existing institutional clients (e.g. Fortune 500) and compliance activities (e.g., SOC reports, ISO, PCI, NYDFS, etc).
- Review, negotiate, and respond to client contracts, security agreements, and security assessments, promoting the firm's cyber security, data assurance, and risk management commitments.
- Be knowledgeable of the full scope of the firm's information security, data, cyber as well as compliance posture that includes the technology, applicable governing regulations, and laws. Additionally, this role engages in the ongoing optimization of the aforementioned efforts as well as initiatives.
- Engage in internal and external compliance efforts partnering with teams across the firm to ensure alignment with evolving programs as well as evaluating, coaching and training BU and engineering teams as they introduce services and systems.
- Must have at least one industry certification (i.e., CISA, CISM, CGEIT, CRISC, CISSP, GSEC, PMP, SixSigma)
- 3+ years working in an environment supporting at least one of the following: GDPR, PCI, CCPA/PII, NYDF, GLBA, HIPAA, ISO27K, SOX.
- 2+ years in one or more of the following areas: Information Security, Technology Governance, Operational Risk, Technology Audit, Technology Infrastructure or Application Development or have a current relevant certification.
- 1+ years operational and/or contractual experience with Cloud services (as provider or client) or certified CCNA, CCNP, AWS security, etc, is a plus.
- Demonstrated advanced verbal and written communication skills.
- Background in automating searches and querying, tuning large data sets.
- Experience collaborating with experts in Compliance, Legal, Engineering and security topics including, but not limited to, security architecture, financial controls and regulatory compliance, identity and access management, penetration testing, data loss prevention, network security, security monitoring, white box testing/static code analysis, and building secure systems.
- Knowledge of security risks related to web, mobile, web services, Cloud, and client/server architectures is a plus.
- Implementation and/or operational experience with Risk Management Solutions (ex: SAP GRC, SailPoint) is a plus.
- Experience using GRC tools and technologies for audit support and governance management (plus if client focused) is a plus.
- Risk management framework (COBIT, NIST or IS27001) experience is a plus.
- Ability to plan, organize, and prioritize work to meet deliverables and deadlines.
- Experience with external clients and third parties working on assessments and contracts is a plus.
- Experience or training in computer science, computer security, software development, system design, open source frameworks, encryption schemes, network infrastructure, database design desired, but not required
- Experience in Financial Industry/Fintech is a plus.
At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.
We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers .
We're committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https:// www.goldmansachs.com/careers/footer/disability-statement.html
© The Goldman Sachs Group, Inc., 2021. All rights reserved.
Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity
Back to top