Security Engineering - New York - Vice President
Goldman Sachs · New York, NY · 1 wk ago
Engineering$150k–$250k/yrFull-time
Responsibilities
- Support the Technology Risk Advisory function by helping to shape the Vendor Technology Risk strategy.
- Lead a team that assesses threats, risks, and work with Business Units to manage risk portfolios.
- As the Vendor Risk Program Vice President, you will be part of or oversee a team responsible for assessing and managing the portfolio vendor Information Security Risk across the firm.
- Your team will be responsible for all Vendor Technology Risk related initiatives and assessments, including core deep-dive technical cybersecurity assessments and designs of a vendor’s logical security controls, Cloud security assessments, Mobile security assessments, and/or Application security assessments.
Qualifications
- Be well versed in technical cybersecurity risk assessments, provide security measures / solution technical controls, and a demonstrated ability in helping counterparts manage security risks.
- Develop, evaluate, solution, and document security measures, controls, and guardrails to protect data, applications, APIs, implementation / configurations, network infrastructure and systems (e.g., Security Engineer, Architect, Vulnerability Manager).
- Design or implemented security strategy, requirements, and engineer comprehensive cybersecurity architecture through threat modeling (OWASP Top 10, SANS Top 25 etc.), data flow analysis, etc.
- Negotiate and review Information and Cyber Security contractual requirements.
- Working knowledge of the regulatory landscape and its applicability to the vendor ecosystem.
- A good understanding of Information Security controls, along with preferred and alternative implementations.
- Working knowledge of new technology e.g., Cloud computing / AI, ML, zero trust, and understanding of how to assess related security risks.
- A clear understanding of Technology Risk’s role in the Procurement process.
- At least 5 years of relevant work experience.
Preferred Qualifications
- Proficient verbal and written communication skills.
- Bachelor of Science in Computer Science, System/Computer Engineering, Cyber-Security, Information Security, Information Technology or Risk Management is preferred.
- Prior experience conducting IT/cyber security assessments (such as Control Reviews, Design Reviews, Configuration / Implementation Reviews).
- One or more of the following Certificates; CISSP, CCSP, GSEC, CEH, CCNA, CCNP, Solution Architect, Security+, SSCP, or CASP+ are desired.
Pay
The expected base salary for this New York, New York, United States-based position is $150,000 - $250,000. In addition, you may be eligible for a discretionary bonus if you are an active employee as of fiscal year-end.