About Platform Solutions:
In Platform Solutions (PS), we power clients with innovative and customer-centered financial products. We bring the best qualities of a technology player and combine that with the best attributes of a large bank. PS is comprised of four main businesses, underpinned by engineering, operations and risk management:
- Transaction Banking, a cash management and payments platform for clients building a corporate treasury system
- Enterprise Partnerships, consumer financial products that companies embed directly within their ecosystems to better serve their end customers
- Merchant Point-of-Sale Lending, a platform that provides custom credit financing for home improvement merchants to offer directly to their customers
- ETF Accelerator, a platform for clients to launch, list and manage exchange-traded funds
Join us on our journey to deliver financial products and platforms that prioritize the customer and developer experience.
GreenSky, a Goldman Sachs Company, is one of the fastest growing financial technology companies in America. We make it easy for businesses of all sizes to offer credit to their customers with a fast and paperless solution. With billions of dollars in loans and hundreds of thousands of satisfied customers, we are quickly changing the consumer credit marketplace. We have developed a highly scalable loan origination and servicing platform and unique loan origination tools to deliver a differentiated level of service to our multiple stakeholders, including bank partners, merchant and retailer channel partners, consumers, and borrowers.
Leveraging proprietary mobile technology, we are currently experiencing exceptional growth in both accounts and profitability. We have a great team, are growing quickly, and are backed by some of the leading investors in the world. Our corporate headquarters is in the expanding fintech hub of Atlanta.
About the Role:
GreenSky is looking for a Security Architect to join our Corporate Security Organization. This person should be someone with a very strong system engineering experience. The Security Architect secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members. This position will work cross functionally with other teams.
The Security Architect plays an integral role in defining and assessing the organization’s security strategy, architecture and practices. The Security Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services. This position would also be an escalation point for a compromised endpoint, insider fraud, or other situations of compromise whereby forensic knowledge is needed.
Duties & Responsibilities:
- Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
- Ensures authorized access by investigating improper access; revoking access; reporting violations. Collaborate with infrastructure teams to implement, maintain, monitor and audit usage and secure storage of privileged credentials.
- Ensure compliance of corporate security policies and practices
- Plan, test and deploy server endpoint software necessary to provide protection from and monitoring of threats.
- Technical team lead for other security engineers.
- Ensure the security software of all endpoints within the corporate network, for remote users and for satellite offices is current and deployed appropriately to provide best available security protection.
- Plan, test and implement appropriate updates, deployments, and rollouts as needed to ensure the integrity of the security software on all company endpoints.
- Monitor log files, dashboards and other appropriate data sources to provide periodic management reporting and input to the life-cycle improvement process.
- Work with the sysadmin teams on any security policy updates in tools such as O365, Mimecast, and any other mail programs.
- Develops security strategy plans and roadmaps based on sound enterprise architecture practices
- Develops and maintains security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
- Determines baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM)
- Drafts security procedures and standards to be reviewed and approved by executive management and the individual responsible for overall security direction.
- Validates IT infrastructure and other reference architectures for security best practices, and recommend changes to enhance security and reduce risk where applicable
- Validates security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems, etc.
- Ensures that a complete, accurate and valid inventory of all systems, infrastructure and applications is conducted that should be logged by the security information and event management (SIEM) or log management tool.
- Reviews network segmentation to ensure least privilege for network access.
Conducts forensic analysis of security-related incidents in a manner consistent with guidance from the organization’s counsel, human resources or law enforcement, as the case may be.
Required Skills & Qualifications:
- Bachelor's degree in Information Technology. An equivalent combination of education and work experience may be taken into consideration in lieu of a degree
- Minimum of 5 years’ experience in information technology and system administration
- Full-stack knowledge of IT infrastructure:
- Operating systems (Windows, UNIX and Linux)
- IP networks (WAN, LAN)
- MS Exchange
- SCCM/Intune/JAMF or a similar deployment tool experience
- Direct experience designing IAM technologies and services (e.g., Active Director, LDAP, Amazon Web Services’ [AWS’] IAM)
- Strong working knowledge of IT service management (e.g., ITIL-related disciplines):
- Change management
- Configuration management
- Asset management
- Incident management
- Problem management
- Experience designing the deployment of applications and infrastructure into public cloud services (e.g., AWS or Microsoft Azure)
- At least one of this Scripting languages PowerShell/Python/Java Script
- Linux experience a plus.
- Exceptional verbal and written communication skills
- CISSP, CCNA, GIAC, GCIA, GCIH, GSEC, Security+ or similar certification desirable
- Operating systems and networking certifications desirable
- Knowledge of industry standards including ISO 27001, NIST, HIPAA, PCI-DSS, etc.
- Experience with firewalls like Palo Alto, Cisco, Linux iptables/netfilter
- Results oriented, willing to accept challenges dynamically and prioritize accordingly to business needs.
- Availability to work non-standard hours during Maintenance Windows, Business Continuity, Disaster Recovery &/or security incidents
Security architects will be expected to demonstrate the following key behaviors and competencies as they fulfill the core responsibilities of their roles:
- Adaptability: Demonstrates flexibility within a variety of changing situations, while working with individuals and groups. Changes his or her own ideas or perceptions in response to changing circumstances. Alters standard procedures, when necessary, and multitasks when required.
- Business acumen: Demonstrates an awareness of internal and external dynamics, and an acute perception of the dimensions of business issues.
- Openness to learning: Takes personal responsibility for personal growth. Acquires strategies for gaining new knowledge, behaviors and skills. Builds on and applies existing knowledge.
- Versatility: Ability to work effectively with different types of scenarios and challenges. Ability to address tasks and projects for which no precedence exists in the organization.
ABOUT GOLDMAN SACHS
At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.
We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs.
We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting processs Group, Inc., 2021.
All rights reserved. Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity.