MORE ABOUT THIS JOB
Consumer and Investment Management (CIMD)
The Consumer and Investment Management Division includes Goldman Sachs Asset Management (GSAM), Private Wealth Management (PWM) and our Consumer business (Marcus by Goldman Sachs). We provide asset management, wealth management and banking expertise to consumers and institutions around the world. CIMD partners with various teams across the firm to help individuals and institutions navigate changing markets and take control of their financial lives.
Consumer, externally known as Marcus by Goldman Sachs, is comprised of the firm's digitally-led consumer businesses, which include our deposits and lending businesses. It also includes our personal financial management app, Clarity Money. Consumer combines the strength and heritage of a 150-year-old financial institution with the agility and entrepreneurial spirit of a tech start-up. Through the use of insights and intuitive design, we provide customers with powerful tools that are grounded in value, transparency and simplicity to help them make smarter decisions about their money.
RESPONSIBILITIES AND QUALIFICATIONS
FULFILLING YOUR POTENTIAL
* Digital Finance Trust and Technology Risk - Application Security Specialist will be an individual contributor responsible for securing the applications (Web/API/Mobile) managed by Marcus
* The position is hands-on and requires close collaboration with Product Management, Engineering, Program Management, and Dev Ops teams
* The Application Security Specialist will act as a security advisor to architects, developers, analysts and others to ensure we embed security into the platform
* Drive adoption of embedded application security controls as part of the Software Development Life Cycle (SDLC) in Agile methodology, including automated tools
* Review requirements/architecture to ensure security and privacy by design
* Secure Code Reviews and Penetration Testing
* Assist in implementation of security related product features like authentication, cryptography, etc.
* 6+ years' experience in application security or related fields and risk analysis techniques
* Expert knowledge of application security best practices including OWASP and CWE
* Security testing methodologies, tools and techniques - understanding of common application security vulnerabilities and controls to remediate
* Hands-on experience with web application Penetration Testing
* Proficient communication skills and an effective team player
* Hands-on-experience with cloud security/designing secure systems on AWS
* Working experience in Agile development and scrum teams
ABOUT GOLDMAN SACHS
The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.© The Goldman Sachs Group, Inc., 2019. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.
About Goldman Sachs
Goldman Sachs is a multinational financial services firm providing securities, investment banking and management services.