PWM Technology - IMD Tech Risk Advisor



ENGINEERING



What We Do

At Goldman Sachs, our Engineers don't just make things - we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets .

Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions. Want to push the limit of digital possibilities? Start here.



Who We Look For

Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.

RESPONSIBILITIES AND QUALIFICATIONS

Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.

Goldman Sachs' Investment Management Division (IMD), comprised of Goldman Sachs Asset Management (GSAM) and Private Wealth Management (PWM), provides asset management and wealth management solutions to world-class institutions and individual investors globally. GSAM is one of the world's leading asset managers, with over 700 investment professionals managing over $1 trillion in assets across many strategies. PWM secures, develops and manages relationships with high-net-worth individuals, their families, family offices and select foundations and endowments. IMD leverages a global technology platform, offering an integrated suite of tools and applications to service clients.

The Cyber Security Risk Advisor in the Investment Management Division (IMD) Technology Risk Team, focuses on security controls in business applications/processes that support all IMD business lines. This position requires significant practical experience in application development and software security. The successful candidate will be a trusted risk adviser to high performance application and platform teams across IMD, and must be able to engage with developers on a technical level.

HOW YOU WILL FULFILL YOUR POTENTIAL


  • Work with internal application development teams that are developing the next generation of critical business applications to insert Information Security and Business Resiliency control requirements within design and architecture , and advise on the integration of standard or equivalent compensating controls into their applications.
    • Collaborate with the global Application Risk, Business Continuity, Risk Measurement, and other global Technology Risk teams to develop and integrate best-in-class security and resiliency controls and practices.
    • Communicate the impact of technology risks and the approach to mitigation/acceptance, and provide risk assessment and advisory services to technology engineers, and technology and business management.
    • Assess existing applications for design-related security flaws and assist teams in determining appropriate remediation approach.
    • Provide guidance on existing and emerging threats in the web and mobile application space.
    • Drive adoption of embedded application security controls as part of the Software Development Life Cycle (SDLC).
    • Provide deep subject matter expertise in secure application design and development approaches and techniques.
    • Contribute to the technical understanding, adoption and convergence of information security standards, solutions and tools.
    • Work with engineers to develop customized security testing strategy to complement the existing security testing program managed by Technology Risk.
  • Conduct technology risk assessments across applications and application suites, as well as on acquisition targets, or entire businesses.

    SKILLS AND EXPERIENCE WE ARE LOOKING FOR


Basic Qualifications

  • Bachelor's degree in Computer Science, Computer Engineering, or a related field.
    • 5 years cyber security risk advisory and risk management experience, including risk mitigation and risk acceptance tracking and reporting
    • 3 years experience performing technology risk or vulnerability assessments aimed at independently assessing security weaknesses and gaps.
    • 3 years experience advising application development teams on secure software development practices and frameworks.
    • 3 years experience driving controls based on information security policies, procedures or standards.

    Preferred Qualifications

  • Advanced degree in Cyber Security
  • Application development or DevOps experience in a large scale cloud environment such as AWS, Azure or Google Cloud.
  • Advance knowledge of encryption and key management controls including symmetric (single-key), asymmetric (dual key) encryption systems and sub-systems, SSL/TLS, storage or database encryption.
    • Deep cloud infrastructure and application security experience
    • Experience interfacing with and communicating complex technical security concepts to non-technical audiences.
    • Experience overseeing and managing ethical hacking and penetration testing, and working with technology teams to resolve discovered issues.
    • Information security policy, standards, guidelines or procedures development and implementation.
    • Industry accepted security certifications including CISSP or CISM or CRISC or equivalent SANS certification.


ABOUT GOLDMAN SACHS

The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

© The Goldman Sachs Group, Inc., 2018. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.


Back to top