Asset & Wealth Management-Texas- Associate, Security Engineering-9241138

Job Description

Job Duties: Associate, Security Engineering with Goldman Sachs & Co. LLC in Richardson, Texas. Performs security assessments of business-initiated projects helping to drive adoption of application and infrastructure security controls and best practices. Ensure security and privacy by design, including design process improvements, assessment of controls, data models, cryptographic implementation, and compliance and regulatory needs. Collaborate with technical teams on major technology initiatives to ensure security exists at the outset of a design or project. Advise on leading edge engineering controls to protect the firm's network from security risks related to client/server architectures, Cloud architectures, web services and mobile applications. Programming and scripting for data analysis, measuring KPIs and building dashboards. Collaborate with the global team to continually operate and improve a world-class cyber program by providing input into the uplift of sensory tools, detection tuning, and access to data sources to increase detection effectiveness. Provide advice to business and technology users on understanding relevant technology risk policies and standards; principles of security and controls as defined by the firm's risk and control framework; and adoption of secure and resilient solutions.

Job Requirements: Master's degree (U.S. or foreign equivalent) in Cyber Security, Computer Science, Computer Engineering or a related field and one (1) year of experience in the job offered or a related Security Engineering role OR Bachelor's degree (U.S. or foreign equivalent) in Cyber Security, Computer Science, Computer Engineering or a related field and three (3) years of experience in the job offered or a related Security Engineering role. Prior work experience must include one (1) year of experience (with a Master's degree) or three (3) years of experience (with a Bachelor's degree) with each of the following: working with technical understanding of both application and infrastructure architecture and security on premise and Cloud; hands-on experience with application security best practices including OWASP (Open Web Application Security Project) and CWE (Common Weakness Enumeration); assessing and mitigating software security threat vectors, with experience in threat modeling framework STRIDE, attack surface analysis, security design reviews, source code reviews, penetration testing or vulnerability assessments; building applications in shift left environment to help embed security in design phase to implement security controls within system architecture; working with risk management methodologies such as NIST or ISO; assessing and evaluating corporate risk tolerance into goals and new processes including software engineering, IT teams, and other relevant stakeholders; and working in one or more of the following areas: Cryptography, Identity & Access Management (IAM), Sarbanes-Oxley Act (SOX), Static Application Security Tool (SAST), and AWS Cloud.

The Goldman Sachs Group, Inc., 2025. All rights reserved. Goldman Sachs is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, national origin, age, veteran status, disability, or any other characteristic protected by applicable law.