Wealth Management-Richardson-Vice President-Security Engineering
Goldman Sachs · Richardson, TX · 1 wk ago
EngineeringFull-time
Key Responsibilities
- Strategic Leadership & Governance
- Define and execute the multi-year Technology Risk roadmap for the Wealth Management division
- Lead the divisional Risk and Control Self-Assessment (RCSA) process
- Oversee regular control assessments to identify, evaluate, and mitigate technology risks specific to Wealth Management
- Provide executive-level reporting on risk trends, key risk indicators, and the overall technology risk profile
- Oversee and guide a team of embedded Technology Risk Officers supporting specific Wealth Management business verticals
- Technical Risk Advisory & Architecture
- Oversee the "Security Single Point of Contact" (SPOC) model for key Wealth Management initiatives
- Ensure secure design principles, threat modeling, and OWASP Top 10 mitigations are systematically integrated into the architecture and development lifecycle of all Wealth Management applications and platforms
- Drive the adoption of advanced security patterns for cloud-native deployments (AWS preferred) and hybrid infrastructures
- Product Security & SDLC Integration
- Champion the "Shift Left" philosophy by embedding automated security controls and practices within the Software Development Life Cycle (SDLC) using Agile methodologies
- Supervise the execution of comprehensive threat modeling, manual code reviews, penetration testing, and vulnerability assessments across the entire Wealth Management application portfolio
- Collaborate closely with Engineering and DevOps teams to enhance the firm’s security posture through the implementation of automated CI/CD security gates and secure development practices
- Client Due Diligence & Revenue Protection
- Oversee the client-facing security due diligence function for Wealth Management
- Support high-value prospect requests and existing client audits to protect and enable revenue streams
- Represent the firm’s security maturity, technical resilience, and robust control environment to external individual and institutional clients, partners, and advisors
- Innovation & Scaling
- Drive the integration of Artificial Intelligence (AI) and Machine Learning (ML) to automate risk detection, enhance threat intelligence, and scale security operations efficiently
- Research and evaluate emerging trends in fintech security, cryptography, and regulatory landscapes
- Advise portfolio companies and internal stakeholders on proactive risk mitigation strategies, particularly concerning client data privacy
- Experience: 12+ years of progressive experience in Technology Risk, Information Security, or Application Development, with at least 5 years in a senior leadership or "Head of" capacity within the Financial Services industry, specifically with exposure to Wealth Management
- Technical Depth: Deep understanding of core cryptography concepts (Encryption, Hashing, HMAC, digital signatures), cloud security principles (AWS preferred), and web stack technologies (e.g., HTTP, HTML5, AJAX, REST, OAuth, SAML, OIDC)
- Regulatory & Risk Expertise: Expert knowledge of global financial regulations (e.g., SEC , FINRA , GDPR , CCPA , GLBA , state-specific privacy laws) and proven experience applying risk management methodologies such as FAIR (Factor Analysis of Information Risk) or similar frameworks
- Leadership & Management: Proven ability to build, mentor, and lead high-performing global teams of security professionals. Demonstrated success in building coalitions and influencing diverse engineering, business, and executive stakeholders
- Program Management: Strong program and project management skills with a track record of driving complex security initiatives to successful completion within committed timelines
- Communication: Exceptional written and oral communication skills, with the ability to articulate complex technical risks and solutions clearly to both technical and executive audiences
- Risk Assessment: Expertise in performing risk assessments, identifying gaps in compliance with information security policies, and recommending effective mitigation strategies
- Acquisition Experience: Experience with acquisition due diligence and integration from a technology risk perspective
- Security Standards: Familiarity with leading security standards and frameworks such as NIST, OWASP, SANS Top 20, PCI DSS, and CIS Controls
Skills And Experience Required
About Goldman Sachs
At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world. We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs.