Goldman Sachs Technology Risk is leading threat, risk analysis and data science initiatives that are helping to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain.
SECURITY INCIDENT RESPONSE TEAM (SIRT) supports and enables a comprehensive technical Cyber Defense program for the firm while increasing awareness of current and potential Cyber Threats. Works across the organization to operate efficiently, provide technical investigative support and mitigate threats to the firm.
The team encompasses Information Security, Governance, Measurement and Security and Incident Response. We have presence in New York, London, Tokyo, Bangalore, Hong Kong, Zurich, Moscow, Dallas and Beijing, and cover all technology and business areas including subsidiaries and affiliates globally.
HOW YOU WILL FULFILL YOUR POTENTIAL
• The Sensor Grid Engineering team within the SIRT organization operates in multiple capacities across a number of technologies both internally developed and vendor products. We focus on two major areas:
• Sensor Engineering: Here, we research, implement and support best-in-class technology solutions that enable a comprehensive Cyber Defense program for the firm. Areas include but are not limited to: network connection and packet capture, data leakage protections, malware analysis, and sandbox technologies.
• Data Ingestion Engineering: In this capacity we collect security-related events and data feeds into a centralized big data infrastructure. We research, implement and support best-in-class technology solutions related to data ingestion, transformation, enrichment and analysis. Technologies include but are not limited to Splunk, Hadoop, Elasticsearch, and Kibana.
• As an Engineer in Sensor Grid Engineering, you will be part of a technical team that is responsible for providing the SIRT organization with security sensors and data sets that increase awareness of current and potential Cyber Threats. The Sensor Grid Engineering team is responsible for all security sensors within Technology Risk. You will work closely with the Threat Management Centre, Hunt, and Detection Engineering teams to ensure our sensors and data streams are effectively configured, streamlined, integrated, automated and monitored, so that the systems and data necessary to protect the firm from Cyber Threats are available.
• As a member of the Sensor Grid team you will:
  - Design, deploy, administer, maintain, customize, and scale the systems and data feeds needed to protect the firm from Cyber Threats
  - Architect and develop solutions that will advance internal security monitoring & controls such as Network Forensics, Data ingestion, Malware Analysis, Infrastructure monitoring, and Data Leakage
  - Participate in Proof-Of-Concept activities to explore and evaluate new technologies
  - Become a subject matter expert in a number of security sensors as well as the data flow and analytics of the resulting output
  - Become a subject matter expert related to those systems and their customization, such as integration with firm authentication and authorization systems, API usage, and industry direction
SKILLS AND EXPERIENCE WE ARE LOOKING FOR
• The ideal candidate should possess the aptitude to work across teams and product owners, to elicit tool-related requirements from all parts of Technology Risk, and to work with tool vendor support teams in resolving issues that may arise from the use of the tools.
• Bachelor’s degree in Computer Science, System/Computer Engineering, Cyber or Information Security
• 3+ years of relevant experience in two or more domains: Network Forensics, Data ingestion/ETL, Malware Analysis, Infrastructure scanning, Data Leakage, Network packet capture & Analysis, Process automation
• Strong communication skills and a natural inclination to collaborate
• Ability to think about problems from an out-of-the-box perspective, without always defaulting to industry norms
• Experience administering Splunk
• Experience administering and debugging on Windows & Linux
• Applied knowledge of programming / scripting languages (Python a plus)
The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.
© The Goldman Sachs Group, Inc., 2019. All rights reserved. Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.