Engineering - Technology Risk - Vulnerability Management - Associate - New York 10/9/2017
The Goldman Sachs Group
New York, NY
JOB DESCRIPTIONAPPLY MORE ABOUT THIS JOB
What We Do
At Goldman Sachs, our Engineers don t just make things we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets.
Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions. Want to push the limit of digital possibilities* Start here.
Who We Look For
Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.
Goldman Sachs Technology Risk is leading threat, risk analysis and data science initiatives that are helping to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain. Risk Governance supports various Technology Risk committee structures to align with industry enterprise risk management standards and ensure risk relevant information in provided for senior leadership with the proper oversight and accountability.
Regulatory & Audit Coordination manages Regulatory and Client interactions impacting the Technology Division. Ensures management awareness of regulatory expectations and improves the alignment of technology controls to meet these expectations.
We are looking for an, highly self-motivated candidates for our global Vulnerability Management team within Technology Risk Advisory to be based in New York/London/Warsaw. The successful candidate will ideally possess: Strong technical skills particularly in one, or more areas, of infrastructure or platform security Experience working within a vulnerability management program in a complex and diverse global multi-technology environment Experience with industry standard patch management and vulnerability management tools and techniques The ability to clearly articulate technical vulnerabilities and associated risks to a diverse audience The motivation to and contribute support continual improvement of the firm s global vulnerability program
RESPONSIBILITIES AND QUALIFICATIONS
HOW YOU WILL FULFILL YOUR POTENTIAL
* Execute and support the firm s global vulnerability management program as part of the global Advisory team within Technology Risk
* Help drive vulnerability discovery requirements across the firm s technology environment using various automated and manual discovery tools and vendors
* Work with vulnerability data from various sources to effectively identify and analyze the firm s security posture in relation to technical vulnerabilities to drive risk reduction
* Execution of processes and procedures in support of the vulnerability management lifecycle from identification, to reporting, and risk treatment
* Collaborate with the firm s engineering teams to assess reported vulnerability applicability and impact to the firm to enable appropriate vulnerability management
* Keep up to date with industry patching and vulnerability trends
SKILLS AND EXPERIENCE WE ARE LOOKING FOR
* Knowledge of vulnerability discovery and remediation techniques, processes and methodologies
* Knowledge and experience in the areas of security assessment, vulnerability scanning and risk based threat analysis
* Strong understanding of one or more of application, infrastructure, or networking concepts and protocols to support the Vulnerability Management program
* Experience using industry standard vulnerability assessment tools (such as nmap, nesssus, Qualys) and interpreting, analyzing and assessing their data output
* Experience executing processes, procedures and automation to support a Vulnerability Management program
* Bachelor s degree or higher preferred.
* Clear communication skills, both verbal and in writing.
* Excellent organization and interpersonal skills.
* Strong analytic and problem solving ability
* Experience working as part of a global team.
* A passion for, and deep understanding of, the technical aspects of information security with particular focus on vulnerability and threat management
ABOUT GOLDMAN SACHS
The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.
The Goldman Sachs Group, Inc., 2018. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.