Technology - Digital Finance Technology - Trust and Technology Risk - Security Engineer - Associate - New York
MORE ABOUT THIS JOB
Our team of engineers builds solutions to the most complex problems. We develop cutting-edge systems and processes that form the core of our key business and enable transactions to move in milliseconds. We provide real-time access to critical deal information and crunch billions of data points each day to inform firm-wide market insights and strategies. Team members have the opportunity to work at the forefront of technology innovation alongside industry leaders and make significant contributions to the field.
Marcus is a new division within the firm focused on bringing state of the art Goldman technology to the consumer market, enabling a complete new line of business including online deposits and lending. We are building a best of breed platform that is both elegant and powerful meeting the needs of our clients seamlessly, while allowing deep integration into our technical partners in the future. You will work alongside industry leading technologists who have recently joined Goldman from across consumer security, technology, fintech, finance and quant firms.
The Associate for Digital Finance Trust and Technology Risk Security Engineer will be an individual contributor responsible for securing the applications (Web/API/Mobile) managed by Marcus. The position is hands-on and requires close working with Product Management, Engineering, Program Management, and Dev Ops teams.
In addition to developing/maintaining/operating/integrating security Infrastructure, the Security Engineer will act as a security advisor to architects, developers, analysts and others to ensure we embed security into the platform.
RESPONSIBILITIES AND QUALIFICATIONS
- Driving adoption of embedded application security controls as part of the Software Development Life Cycle (SDLC) in Agile methodology
- Architecture review to ensure Security/Privacy by design
- Secure code reviews and Penetration testing (60% Process management, 40% Individual contribution)
- Automation of Security test cases
- Consultant for Security related product features like Authentication, cryptography etc.
- You will have a 3-5 experience in application security or related fields and risk analysis techniques.
- Expert knowledge of application security best practices including OWASP and CWE
- Secure software development practices and frameworks
- Security testing methodologies, tools and techniques -Understanding of common application security vulnerabilities and controls to remediate
- Hands on Experience - Application Security Code Reviews/Penetration Testing
- Good communication skills and effective team playe
- Strong software engineering background - Programming experience in Java preferred
- Working experience in Agile development /Scrum teams is a plus
- Experience in Financial Industry/Fintech is a plus
ABOUT GOLDMAN SACHS
The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.
© The Goldman Sachs Group, Inc., 2017. All rights reservedGoldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.
Meet Some of Goldman Sachs's Employees
Software Engineer, Equities
Using a variety of languages, like Java and Python, Kelsey designs and builds integrated software applications used in Goldman Sachs’ equities business.
Back to top