What We Do
At Goldman Sachs, our Engineers don’t just make things – we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets.
Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions. Want to push the limit of digital possibilities? Start here.
Who We Look For
Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.
Goldman Sachs Technology Risk is leading threat, risk analysis and data science initiatives that are helping to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain.
RISK ADVISORY delivers best in class advisory support and technology solutions across the information security risk domain including scalable uplifts of common core security solutions for use across Goldman Sachs. Prevents the misuse, unauthorized disclosure, or loss of firm data across e-mail, file transfer, and the Internet. Ensures business continuity and technology resilience by safeguarding Goldman Sachs from major operational disruptions through preventative measures including business planning, capability design, and the testing of mitigants.
We are looking for an experienced, highly self-motivated candidate for our global Vulnerability Management team within Technology Risk Advisory to be based in New York. Strong technical skills particularly in one, or more areas, of infrastructure or platform security Experience operating, or running, a vulnerability management program in a complex and diverse global multi-technology environment Experience with industry standard patch management and vulnerability management tools and techniques The ability to clearly articulate technical vulnerabilities and associated risks to a diverse audience The motivation to assist driving, enhancing and contributing to continual improvement of the firm’s global vulnerability program
HOW YOU WILL FULFILL YOUR POTENTIAL
• Help develop, execute and enhance the firm’s global vulnerability management program as part of the global Advisory team within Technology Risk
• Help drive vulnerability discovery requirements across the firm’s technology environment using various automated and manual discovery tools and vendors
• Work with vulnerability data from various sources to effectively identify and analyze the firm’s security posture in relation to technical vulnerabilities to drive risk reduction
• Develop scalable processes and procedures that enable an efficient vulnerability management lifecycle from identification, to reporting, and risk treatment
• Collaborate with the firm’s engineering teams to assess reported vulnerability applicability and impact to the firm to enable appropriate vulnerability management
• Keep up to date with industry patching and vulnerability trends
• Support and help develop junior members of the global Vulnerability Management team
SKILLS AND EXPERIENCE WE ARE LOOKING FOR
• Knowledge of vulnerability discovery and remediation techniques, processes and methodologies
• Knowledge and experience in the areas of security assessment, vulnerability scanning and risk based threat analysis
• Strong understanding of one or more of application, infrastructure, or networking concepts and protocols to support the Vulnerability Management program
• Experience using industry standard vulnerability assessment tools (such as nmap, nessus, Qualys) and interpreting, analyzing and assessing their data output
• Experience developing repeatable processes, procedures and automation to support the Vulnerability Management program
• Bachelor’s degree or higher preferred.
• Strong project and program management skills.
• Clear communication skills, both verbal and in writing.
• Excellent organization and interpersonal skills.
• Strong analytic and problem solving ability
• Experience working as part of a global team.
The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.
Â© The Goldman Sachs Group, Inc., 2018. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.