What We Do
At Goldman Sachs, our Engineers don't just make things – we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets.
Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions. Want to push the limit of digital possibilities? Start here.
Who We Look For
Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.
Who We Are
Goldman Sachs' Technology Risk organization leads threat, risk analysis and data science initiatives that help protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats, and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain. The team encompasses Information Security, Governance, Measurement and Security and Incident Response. We have presence in New York, London, Tokyo, Bangalore, Hong Kong, Zurich, Moscow, Dallas and Beijing, and cover all technology and business areas including subsidiaries and affiliates globally.
HOW YOU WILL FULFILL YOUR POTENTIAL
• SECURITY INCIDENT RESPONSE TEAM (SIRT) supports and enables a comprehensive technical Cyber Defense program for the firm while increasing awareness of current and potential Cyber Threats. Works across the organization to operate efficiently, provide technical investigative support and mitigate threats to the firm.
• The Sensor Grid Engineering team within the SIRT organization operates in multiple capacities across a number of technologies both internally developed and vendor products. We focus on two major areas:
• Sensor Engineering: Here, we research, implement and support best in class technology solutions that enable a comprehensive Cyber Defense program for the firm. Areas include but are not limited to: network connection and packet capture, data leakage protections, malware analysis, sandbox technologies.
• Data Ingestion Engineering: In this capacity we collect security related events and data feeds into a centralized big data infrastructure. We research, implement and support best in class technology solutions related to data ingestion, transformation, enrichments and analysis. Technologies include but are not limited to Splunk, Hadoop, Elasticsearch, and Kibana.
• As an Engineer in Sensor Grid Engineering, you will be part of a technical team that is responsible for providing the SIRT organization with security sensors and data sets that increase awareness of current and potential Cyber Threats. The Sensor Grid engineering team is responsible for all security sensors within Technology Risk. You will work closely with Threat Management Centre, Hunt, and Detection Engineering teams to ensure our sensors and data streams are effectively configured, streamlined, integrated, automated and monitored, so that the systems and data necessary to protect the firm from Cyber Threats are available.
• As a member of the Sensor Grid team you will:
  - Design, deploy, administer, maintain, customize, and scale the systems and data feeds needed to protect the firm from Cyber Threats
  - Architect and develop solutions that will advance internal security monitoring & controls such as Network Forensics, Data ingestion, Malware Analysis, Infrastructure monitoring, and Data Leakage
  - Participate in Proof-Of-Concept activities to explore and evaluate new technologies
  - Become a subject matter expert in a number of security sensors as well as the data flow and analytics of the resulting output
  - Become a subject matter expert related to those systems and their customization, such as integration with firm authentication and authorization systems, API usage, and industry direction
SKILLS AND EXPERIENCE WE ARE LOOKING FOR
• The ideal candidate should possess the aptitude to work across teams and product owners, to elicit tool-related requirements from all parts of Technology Risk, and to work with tool vendor support teams in resolving issues that may arise from the use of the tools.
• Bachelor's degree in Computer Science, System/Computer Engineering, Cyber or Information Security
• 3+ years of relevant experience in two or more domains: Network Forensics, Data ingestion/ETL, Malware Analysis, Infrastructure scanning, Data Leakage, Network packet capture & Analysis, Process automation
• Strong communication skills and a natural inclination to collaborate
• Ability to think about problems from an out-of-the-box perspective rather than always defaulting to industry norms
• Experience administering Splunk
• Experience administering and debugging on Windows & Linux
• Applied knowledge of programming / scripting languages (Python a plus)