• Commercial Banking Engineering - Security Engineer

    Location(s) US-NY-New York
    Job ID
    2018-49202
    Schedule Type
    Full Time
    Level
    Vice President/Executive Director
    Function(s)
    Technology
    Region
    Americas
    Division
    Engineering
    Business Unit
    Commercial Banking Technology
    Employment Type
    Employee
  • MORE ABOUT THIS JOB

    What We Do
    At Goldman Sachs, our Engineers don’t just make things – we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets.

    Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions. Want to push the limit of digital possibilities? Start here.

    Who We Look For
    Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.

     

    The Consumer and Commercial Banking Division (CCBD) brings innovative solutions to traditional banking activities. We are a global team of lenders, investors, risk managers, skilled marketers, web experts and banking specialists. We provide a suite of solutions to help our customers meet their financial goals. We make direct investments in and manage risk for a portfolio of corporate loans and securities. We help transform distressed communities through investments and loans of private capital. Commercial Banking Commercial Banking aims to provide comprehensive cash management solutions for corporations while combining the strength and heritage of a 148-year-old financial institution with the agility and entrepreneurial spirit of a tech start-up. Our goal is to provide the best client experience. Through the use of modern technologies centered on data and analytics, we provide customers with powerful tools that are grounded in value, transparency and simplicity to improve cash flow management efficiency.

    RESPONSIBILITIES AND QUALIFICATIONS

    HOW YOU WILL FULFILL YOUR POTENTIAL
    • As a Security Engineer in Commercial Banking, you will be responsible for securing the applications (Web/API/Mobile) managed by the business unit.
    • The position is hands-on and requires close collaboration with Product Management, Engineering, Program Management, and Dev Ops teams.
    • In addition to developing / maintaining / operating / integrating security Infrastructure, you will act as a security advisor to architects, developers, analysts and others to ensure we embed security into the platform.
    • Drive adoption of embedded application security controls as part of the Software Development Life Cycle (SDLC) in Agile methodology
    • Automate security test cases for continuous controls monitoring
    • Review requirements / architecture to ensure security and privacy by design
    • Secure Code Reviews and Penetration Testing
    • Serve as an advisor for security related product features like authentication, cryptography, etc.

    SKILLS AND EXPERIENCE WE ARE LOOKING FOR
    • 10 years’ experience in application security or related fields and risk analysis techniques
    • Expert knowledge of application security best practices including OWASP and CWE
    • Strong software engineering background; programming experience in Java and Python preferred
    • Secure software development practices and frameworks
    • Security testing methodologies, tools and techniques with understanding of common application security vulnerabilities and controls to remediate
    • Hands-on experience with web and mobile application security code reviews written in popular programming languages (Java, JavaScript, C++, C#, Python, Perl, optionally Objective-C, etc.)
    • Hands-on experience with web application Penetration Testing
    • Hands-on experience with cloud security/designing secure systems on AWS

    Preferred Qualifications
    • Proficient communication skills and an effective team player
    • Experience working in Agile development and scrum teams

    ABOUT GOLDMAN SACHS

    The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

    © The Goldman Sachs Group, Inc., 2018. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.