WHO WE ARE

Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA.

Within Technology Risk, the Global Cyber Defense & Intelligence (GCDI) identifies malicious activity, manage the lifecycle of vulnerabilities within GS technologies, and investigates and manages threats across the firm. We are a team of security, software, and product engineers that allow the firm to respond appropriately to firm risks through the use of detection models, security architecture, and cutting-edge cyber threat analysis to manage internal and external threats against the firm. 

Goldman Sachs has one of the most progressive Technology Risk teams in the industry and is continuing to push the development of risk in preference to security within technology and the business.  Year on year success has led the team to work deeper into the organization and gain valuable insights into how technology needs to function, what its risk really is and how this impacts the business.

YOUR IMPACT

You will be a key addition to the GCDI Architecture team, responsible for architecture and strategy for enterprise cyber defense across all cyber domains. You will use your knowledge and experience to assess risks, identify controls, architect solutions and influence change that aims to reduce risk and increase security capability to protect and respond to cyber threats to the business. 

HOW YOU WILL FULFILL YOUR POTENTIAL

As a Cybersecurity Architect in the Global Cyber Defense and Intelligence (GCDI) team, you will be an integral part of the team responsible for assessing, evaluating, and enabling security capabilities for the firm. You will partner with peers within GCDI and other engineering functions to formulate solutions and controls that enhance the security posture of the firm. You will work on cross-functional projects that address security gaps for core platforms and environments. The ideal candidate should have experience in one or more cyber defense discipline, like external threat detection and response, internal threat detection and response or vulnerability management, as well as sufficient knowledge of system architectures and network fundamentals. 

RESPONSIBILITIES

• Work closely with cyber defense teams to assess gaps and requirements for technical capabilities and process improvements. 
• Lead the proof-of-concept/proof-of-value evaluations of innovative and cutting-edge security solutions through market scans and hands-on technical assessments.
• Build current state and future state reference architectures, solution patterns, security capability roadmaps and best practice artifacts.
• Partner with engineers, security architects, and operations teams to coordinate change implementations. 
• Work with other enterprise security architects to secure platforms and applications with appropriate control and monitoring solutions.
• Maintain an understanding of current and emerging cyber threats and solution landscape. 

Basic Qualifications

• Experience and knowledge in one or more areas of cybersecurity operations such as threat detection and response or vulnerability management.
• Experience architecting enterprise-level security solutions in hybrid cloud environments.
• Ability to evaluate current and emerging technologies to select or recommend appropriate solutions for future state architecture.
• Understanding of industry frameworks like MITRE ATT&CK, NIST, CIS, etc.
• Clear communication skills, both verbal and in writing, including the ability to clearly articulate technical concerns and solutions to both technical and non-technical audiences
• Strong project and program management skills, including the ability to lead and uplift projects from start to finish with significant autonomy and attention to detail.
• Strong conceptual and analytical skills with demonstrable problem-solving skills.
• Demonstrated ability to work in ambiguous situations and initiate technical aptitude to understand and design solutions. 

Preferred Experience/Qualifications

• Bachelors degree in Computer Science, Information Security, Information Technology or related field. 
• 5+ years cybersecurity SME experience in cybersecurity operations functions like threat detection and response and vulnerability management
• Experience evaluating or implementing endpoint, network, identity, cloud, data security solutions 

ABOUT GOLDMAN SACHS

At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world. 

We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers. 

We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html