Security Software Engineer - Secrets Management

    • London, United Kingdom

The Cryptographic Services Engineering team within Core Engineering is primarily responsible for designing and implementing core Secrets Management solutions for the firm's internal technology .

We help secure the firm's systems and software by providing solutions that allow our software engineering teams to easily and reliably safeguard their applications. Are you are a software engineer or security engineering specialist looking for a role where you can have broad-reaching positive impact and are enthusiastic about security, authentication, cloud, and cryptography, with a minimum of 7 years' engineering experience?

At Goldman Sachs, our culture is one of teamwork, innovation and meritocracy. We often say our people are our greatest asset and we take pride in supporting each colleague both professionally and personally. From collaborative work spaces and mindfulness classes to working from home and flexible work options, we offer our people the support they need to reach their goals in and outside the office.



• Implement and integrate software libraries and services to provide secure-by-default services to software engineering teams, including scalable integration with authentication, entitlement and provisioning systems
• Partner with colleagues from across technology and risk to ensure an outstanding, useable and unobtrusive experience for owners and users of secrets
• Collaborate on feature design and problem solving
• Help to provide frictionless integration with the firm's runtime, deployment and SDLC technologies
• Manage the full lifecycle of software components, from requirements through design, testing, development, release and demise
• Help to communicate and promote best practices for security engineering across the firm
• Engage in production troubleshooting



• A strong grounding in security concepts, including core cryptography, secure coding practices and principles of authentication and secrets management
• A good understanding of PKI, X.509, key exchange protocols, and authentication protocols, including token-based authentication
• The ability to reason about performance, security, and process interactions in complex distributed systems
• Proficiency in designing, developing and testing cross-platform software in one or more of Java, C++, C# or golang; open to using multiple languages
• Experience developing, deploying and supporting software across the full Continuous Delivery life-cycle
• Sound SDLC and practices and tooling experience - version control, CI/CD and configuration management tools
• The ability to understand and effectively debug both new and existing software
• Experience meeting demands for high availability, low latency and scale
• The ability to communicate technical concepts effectively, both written and orally, as well as the interpersonal skills required to collaborate effectively with colleagues across diverse technology teams


• Experience using and/or supporting Hashicorp Vault and/or Consul in production
• Experience with containerisation - Kubernetes/Docker
• Experience with open source, web authentication solutions
• Experience monitoring, measuring, auditing and supporting software
• Scripting skills using Python, PowerShell or Bash


The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

© The Goldman Sachs Group, Inc., 2020. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.

Back to top