Security Engineer - Tech Risk - Associate - Dallas

**WHO WE ARE**

Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA. Within Technology Risk, The Global Cyber Defense and Intelligence (GCDI) team identifies malicious activity, manages the lifecycle of vulnerabilities within GS technologies, and investigates and manages threats across the firm. We are a team of security, software, and product engineers that allow the firm to respond appropriately to firm risks using detection models, security architecture, and cutting-edge cyber threat analysis to manage internal and external threats against the firm.

**YOUR IMPACT**

In this role, you will work on an advanced threat detection and response team to proactively identify threats, deliver rapid responses, and develop detections using large data sets and analytic techniques such as standard deviation, simple matching, stack counting, outlier detection, regex, entity-based analysis, AI, and event-based methods. You will also have opportunities to automate incident response workflows and remediation activities to increase the efficacy of our incident response efforts.

**HOW YOU WILL FULFILL YOUR POTENTIAL**

As a Security Engineer in GCDI’s Threat Management Center, you will be an integral part of a technical team that is responsible for providing the GCDI organization with security sensors and data sets that increase awareness of current and potential Cyber Threats. The ideal candidate should be someone with cyber security experience, hands-on technical skills on Windows, Linux and Network security, along with experience in utilizing security information for detection engineering, live intrusions and triage security events in real-time.

**Job Responsibilities:**

• Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach
• Perform host-based and network forensic investigations, determining the cause of the security incident and preserving evidence for potential legal action
• Participate in a 24x7 on-call coverage model to prevent and remediate security threats against Goldman Sachs’ global business network
• Improve the security sensors by looking for opportunities to tune the security controls in response to an evolving security threat landscape
• Lead the security projects/tasks assigned by taking ownership of planning, implementation & coordination
• Develop use cases based on adversarial tactics, techniques and procedures (TTPs), and tuning event detection rules to optimize detection efficacy
• Build anomaly detections by applying statistical principles such as standard deviation, stack counting, simple match and regular expression
• Script in languages such as Python, PowerShell or Bash to build incident response workflows and automation

**Basic Qualifications:**

• Strong English verbal and written communication skills
• Strong presentation skills
• Highly motivated and passionate learner
• Strong sense of ownership and driven to manage tasks to completion
• Proficient scripting skills in Python and PowerShell
• Advanced understanding of Linux Operating Systems
• Designing Cloud architecture including security setup, and Incident response strategy
• Hands-on experience in the use of Forensics toolkits such as Volatility, Rekall, The Sleuth Kit, Autopsy, and EnCase
• Ability to conduct cyber security investigations as a Level 2 analyst
• Understanding of how to use artificial intelligence tools to enhance productivity and security of the firm

**Preferred qualifications:**

• 1-4 years' experience with expertise in triaging, analyzing & responding to different security events and conducting digital forensics on Windows, MacOS or Linux operating systems
• Knowledge conducting incident response within a major public cloud (i.e. AWS, Google, Azure)
• At least one of the following certifications: GNFA, GCFE, GCFA, CCFP, CFCE, ACE, OSCP, GCFR
• Experience in security monitoring and cyber defense against AI-powered cyber attacks

#TechRiskCybersecurity

**ABOUT GOLDMAN SACHS**

At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.

We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. about our culture, benefits, and people at GS.com/careers.

We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. : https://www.goldmansachs.com/careers/footer/disability-statement.html

**We Offer Best-In-Class Benefits**

Healthcare & Medical Insurance

We offer a wide range of health and welfare programs that vary depending on office location. These generally include medical, dental, short-term disability, long-term disability, life, accidental death, labor accident and business travel accident insurance.

Holiday & Vacation Policies

We offer competitive vacation policies based on employee level and office location. We promote time off from work to recharge by providing generous vacation entitlements and a minimum of three weeks expected vacation usage each year.

Financial Wellness & Retirement

We assist employees in saving and planning for retirement, offer financial support for higher education, and provide a number of benefits to help employees prepare for the unexpected. We offer live financial education and content on a variety of topics to address the spectrum of employees’ priorities.

Health Services

We offer a medical advocacy service for employees and family members facing critical health situations, and counseling and referral services through the Employee Assistance Program (EAP). We provide Global Medical, Security and Travel Assistance and a Workplace Ergonomics Program. We also offer state-of-the-art on-site health centers in certain offices.

Fitness

To encourage employees to live a healthy and active lifestyle, some of our offices feature on-site fitness centers. For eligible employees we typically reimburse fees paid for a fitness club membership or activity (up to a pre-approved amount).

Child Care & Family Care

We offer on-site child care centers that provide full-time and emergency back-up care, as well as mother and baby rooms and homework rooms. In every office, we provide advice and counseling services, expectant parent resources and transitional programs for parents returning from parental leave. Adoption, surrogacy, egg donation and egg retrieval stipends are also available.

Benefits at Goldman Sachs

Read more about the full suite of class-leading benefits our firm has to offer.

Opportunity Overview

CORPORATE TITLE

Associate

OFFICE LOCATION(S)

Dallas

JOB FUNCTION

Security Engineering

DIVISION

Engineering Division