Tech Risk Engineering – Global Cyber Defense & Intelligence – Threat Management Center – Associate -- Dallas
Dallas, Texas, United States
Goldman Sachs
The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base.
WHO WE ARE
Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA. Within Technology Risk, The Global Cyber Defense and Intelligence (GCDI) team identifies malicious activity, manages the lifecycle of vulnerabilities within GS technologies, and investigates and manages threats across the firm. We are a team of security, software, and product engineers that allow the firm to respond appropriately to firm risks using detection models, security architecture, and cutting-edge cyber threat analysis to manage internal and external threats against the firm.
YOUR IMPACT
In this role, you will join an advanced threat detection and response team, drive proactive identification of threats within the organization, provide rapid response, and develop detections by pivoting through large data streams with analytic techniques such as standard deviation, simple matching, stack counting, outlier detection, regular expressions, and entity-based and event-based analysis. You will conduct cyber event and incident response investigations and remediate security gaps using world-class security tooling. You will also have opportunities to automate incident response workflows and remediation activities to increase the efficacy of our incident response efforts.
HOW YOU WILL FULFILL YOUR POTENTIAL
As a Security Engineer in GCDI’s Threat Management Center, you will be an integral part of a technical team that is responsible for providing the GCDI organization with security sensors and data sets that increase awareness of current and potential cyber threats. The ideal candidate has cyber security experience, hands-on technical skills in Windows, Linux and network security, and experience using security telemetry for detection engineering, responding to live intrusions, and triaging security events in real time.
Job Responsibilities:
· Analyze potential infrastructure security incidents to determine whether an incident qualifies as a legitimate security breach
· Perform host-based and network forensic investigations, determining the cause of the security incident and preserving evidence for potential legal action
· Participate in a 24x7 on-call coverage model to prevent and remediate security threats against Goldman Sachs’ global business network
· Improve the security sensors by looking for opportunities to tune the security controls in response to an evolving security threat landscape
· Lead the security projects/tasks assigned by taking ownership of planning, implementation & coordination
· Develop use cases based on adversarial tactics, techniques and procedures (TTPs), and tune event detection rules to optimize detection efficacy
· Build anomaly detections by applying statistical and matching techniques such as standard deviation, stack counting, simple matching and regular expressions
· Script in languages such as Python, PowerShell or Bash to build incident response workflows and automation
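The detection techniques named in the responsibilities above (stack counting, standard-deviation outliers, simple matching and regular expressions) are easiest to understand when run over real-looking data. The following Python block is an added illustration, not code from the posting or from Goldman Sachs; the sshd log lines, host names, user names and IP addresses are constructed for the example, and the regex rule names are hypothetical.

```python
import re
import statistics
from collections import Counter

# Regex technique: pull structured fields out of syslog-style sshd lines.
SSHD_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]+)\s(?P<host>\S+)\ssshd\[\d+\]:\s"
    r"(?P<result>Accepted|Failed)\s(?P<method>\S+)\sfor\s(?:invalid user\s)?"
    r"(?P<user>\S+)\sfrom\s(?P<ip>[\d.]+)\sport\s(?P<port>\d+)"
)

# Regex matching technique: signature-style rules applied to the raw line.
# Rule names are hypothetical labels chosen for this example.
REGEX_RULES = {
    "root_password_login": re.compile(r"Accepted password for root\b"),
    "invalid_user_probe": re.compile(r"Failed password for invalid user"),
}


def build_sample_logs():
    """Constructed sample data (not a real capture): six users each mistype a
    password once from their own workstation, one external source sprays twelve
    failures at db01 and then logs in as root, and one probe uses an unknown user."""
    lines = []
    for i in range(1, 7):
        lines.append(f"Jan 10 09:0{i}:00 web01 sshd[10{i}]: Accepted publickey for deploy from 10.0.1.{i} port 5010{i}")
        lines.append(f"Jan 10 09:0{i}:30 web01 sshd[11{i}]: Failed password for user{i} from 10.0.1.{i} port 5020{i}")
    for i in range(12):
        lines.append(f"Jan 10 09:10:{i:02d} db01 sshd[40{i}]: Failed password for root from 203.0.113.9 port 41{i:02d}")
    lines.append("Jan 10 09:11:00 db01 sshd[499]: Accepted password for root from 203.0.113.9 port 4199")
    lines.append("Jan 10 09:12:00 web01 sshd[120]: Failed password for invalid user admin from 198.51.100.4 port 3300")
    return lines


def parse_events(lines):
    """Return one dict per line that matches SSHD_RE; unparseable lines are skipped."""
    events = []
    for line in lines:
        m = SSHD_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["raw"] = line
            events.append(ev)
    return events


def stack_count(events, fields):
    """Stack counting: tally events by a tuple of fields and return rarest first.
    The long tail of a stack is where the unusual (and often malicious) lives."""
    counts = Counter(tuple(ev[f] for f in fields) for ev in events)
    return sorted(counts.items(), key=lambda kv: (kv[1], kv[0]))


def stddev_outliers(events, field, z_threshold=2.0):
    """Standard-deviation outliers: count events per value of `field` and flag
    values whose count sits more than z_threshold standard deviations above the
    mean. Values with zero events never enter the counter, so the baseline is
    'entities that were seen at all'; a flat distribution (stdev 0) yields nothing."""
    counts = Counter(ev[field] for ev in events)
    if len(counts) < 2:
        return []
    mean = statistics.fmean(counts.values())
    sd = statistics.pstdev(counts.values())
    if sd == 0:
        return []
    return [(key, n, round((n - mean) / sd, 2))
            for key, n in counts.items() if (n - mean) / sd > z_threshold]


def simple_match(events, **criteria):
    """Simple matching: exact equality on one or more parsed fields."""
    return [ev for ev in events if all(ev.get(k) == v for k, v in criteria.items())]


def regex_matches(lines):
    """Apply each regex rule to each raw line; return (rule_name, line) hits."""
    return [(name, line) for line in lines for name, rx in REGEX_RULES.items() if rx.search(line)]


def run_detections(lines):
    """Run all four techniques over the lines and return their findings."""
    events = parse_events(lines)
    failed = simple_match(events, result="Failed")
    return {
        "parsed": len(events),
        "rarest_stack": stack_count(events, ("host", "result", "method"))[0],
        "spray_sources": stddev_outliers(failed, "ip"),
        "password_logins": simple_match(events, result="Accepted", method="password"),
        "regex_hits": regex_matches(lines),
    }


if __name__ == "__main__":
    for name, finding in run_detections(build_sample_logs()).items():
        print(f"{name}: {finding}")
```

On the constructed data the rarest stack is the single password-based root login on db01, the standard-deviation pass flags 203.0.113.9 as the only source whose failure count is more than two standard deviations above the mean, simple matching isolates the same login by field equality, and the two regex rules each fire once. In production the same functions would read from a SIEM export rather than a built-in sample, and the z-score threshold would be tuned per data source rather than fixed at 2.0.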
Basic Qualifications:
· Strong English verbal and written communication skills
· Strong presentation skills
· Highly motivated and passionate learner
· Strong sense of ownership and driven to manage tasks to completion
· Proficient scripting skills in Python and PowerShell
· Advanced understanding of Linux Operating Systems
· Experience designing cloud architecture, including its security setup and incident response strategy
· Hands-on experience in the use of Forensics toolkits such as Volatility, Rekall, The Sleuth Kit, Autopsy, and EnCase
· Ability to conduct cyber security investigations as a Level 2 analyst
Preferred qualifications:
· 1-4 years' experience triaging, analyzing and responding to security events and conducting digital forensics on Windows, macOS or Linux operating systems
· Knowledge of conducting incident response within a major public cloud (e.g. AWS, Google Cloud, Azure)
· At least one of the following certifications: GNFA, GCFE, GCFA, CCFP, CFCE, ACE, OSCP, GCFR
#TechRiskCybersecurity
ABOUT GOLDMAN SACHS
At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world. We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers. We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html
© The Goldman Sachs Group, Inc., 2024. All rights reserved. Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity
Tags: Automation Autopsy AWS Azure Banking Bash CFCE CISO Cloud Cyber defense EnCase Finance Forensics GCFA GCFE GNFA Incident response Linux MacOS Network security OSCP PowerShell Python Scripting Sleuth Kit Strategy Threat detection TTPs Vulnerabilities Windows
Perks/benefits: Career development Team events