• Detection Engineering - Security Incident Response Team (SIRT) - Threat Management Center (TMC)

    Location(s) US-TX-Dallas
    Job ID
    2019-52206
    Schedule Type
    Full Time
    Level
    Associate
    Function(s)
    Technology
    Region
    Americas
    Division
    Engineering
    Business Unit
    Technology Risk
    Employment Type
    Employee
  • MORE ABOUT THIS JOB

    Goldman Sachs Technology Risk is leading threat, risk analysis and data science initiatives that are helping to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain.


    SECURITY INCIDENT RESPONSE TEAM (SIRT) supports and enables a comprehensive technical Cyber Defense program for the firm while increasing awareness of current and potential Cyber Threats. Works across the organization to operate efficiently, provide technical investigative support and mitigate threats to the firm.


    Our team of engineers builds solutions to the most complex problems. We develop cutting-edge systems and processes that form the core of our key business and enable transactions to move in milliseconds. We provide real-time access to critical deal information and crunch billions of data points each day to inform firm-wide market insights and strategies. Team members have the opportunity to work at the forefront of technology innovation alongside industry leaders and make significant contributions to the field. Do you enjoy analyzing cyber-threats? Correlating cyber-attack patterns? Preventing cyber-attacks before they start? A position as a Cyber Threat Analyst in Goldman Sachs’ Threat Management Center lets you do all this and more:

    RESPONSIBILITIES AND QUALIFICATIONS

    HOW YOU WILL FULFILL YOUR POTENTIAL
    • Decipher attack motivations and techniques by correlating threat data from various sources to complete a comprehensive picture of potential cyber-attacks
    • Enable a world-class cyber defense program by working closely with other technical, incident management, and forensic personnel to develop a fuller understanding of the intent, objectives, and activity of cyber threat actors
    • Work at the forefront of designing an innovative threat and security incident management solution
    • Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach
    • Perform network incident investigations, determining the cause of the security incident and preserving evidence for potential legal action
    • Initiate escalation procedures to counteract potential threats/vulnerabilities
    • Appropriately inform and advise management on incidents and incident prevention
    • Document and conform to processes related to security monitoring
    • Participate in a 24x7 coverage model to prevent and remediate security threats against Goldman Sachs’ global business network

    SKILLS AND EXPERIENCE WE ARE LOOKING FOR
    • Excellent oral, written, and presentation communication skills required
    • Strong English verbal and written communication skills
    • Ability to multitask and prioritize work effectively
    • Highly motivated self-starter
    • Responsive to challenging tasking
    • Attention to detail
    • Strong sense of ownership and driven to manage tasks to completion
    • Experience conducting security analysis using a well-known commercially available SIEM (Security Information and Event Management) tool (i.e. ArcSight, QRadar, Splunk, AlienVault, etc)
    • Advanced scripting and coding skills utilizing either Python, Powershell, or Java

    Preferred Qualifications
    • 3-5 years' experience conducting forensics in large scale Linux environments
    • 1-3 years' experience in Program Project Management disciplines such as Agile or Waterfall
    • Bachelor of Science in Computer Science, System/Computer Engineering, Cyber-Security, or Information Security is preferred. Four (4) years of additional work experience may be substituted in lieu of a Bachelor’s Degree. Bachelors of Science/Arts in Forensic Computing, System/Computer Engineering, Data Science, Engineering, Operations Research, Applied Intelligence Analysis, Psychology, or Decision Science will be considered.
    • Coursework or experience in computer science, computer security, computer networking, system design, system integration, software development, and emerging technologies preferred
    • Knowledge conducting incident response within a major public cloud (i.e. AWS, Google, Azure)
    • Related certifications: Security+, Network+, CEH, or GCIH a plus.

    ABOUT GOLDMAN SACHS

    ABOUT GOLDMAN SACHS

    At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.

    We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers.

    We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html



    © The Goldman Sachs Group, Inc., 2020. All rights reserved.
    Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity