Goldman Sachs Technology Risk is leading threat, risk analysis and data science initiativesthat are helping to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain.SECURITY INCIDENT RESPONSE TEAM (SIRT) supports and enables a comprehensive technical Cyber Defense program for the firm while increasing awareness of current and potential Cyber Threats. Works across the organization to operate efficiently, provide technicalinvestigative support and mitigate threats to the firm.Our team of engineers builds solutions to the most complex problems. We develop cutting-edge systems and processes that form the core of our key business and enable transactions to move in milliseconds. We provide real-time access to critical deal information and crunch billions of data points each day to inform firm-wide market insights and strategies. Team members have the opportunity to work at the forefront of technology innovation alongside industry leaders and make significant contributions to the field. Do you enjoy analyzing cyber-threats? Correlating cyber-attack patterns? Preventing cyber-attacks before they start? A position as a Cyber Threat Analyst in Goldman Sachs' Threat Management Center lets you do all this and more:
RESPONSIBILITIES AND QUALIFICATIONS
HOW YOU WILL FULFILL YOUR POTENTIAL• Decipher attack motivations and techniques by correlating threat data from various sources to complete a comprehensive picture of potential cyber-attacks• Enable a world-class cyber defense program by working closely with other technical, incident management, and forensic personnel to develop a fuller understanding of the intent, objectives, and activity of cyber threat actors• Work at the forefront of designing an innovative threat and security incident management solution• Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach• Perform network incident investigations, determining the cause of the security incident and preserving evidence for potential legal action• Initiate escalation procedures to counteract potential threats/vulnerabilities• Appropriately inform and advise management on incidents and incident prevention• Document and conform to processes related to security monitoring• Participate in a 24x7 coverage model to prevent and remediate security threats against Goldman Sachs' global business networkSKILLS AND EXPERIENCE WE ARE LOOKING FOR• Excellent oral, written, and presentation communication skills required• Strong English verbal and written communication skills• Ability to multitask and prioritize work effectively• Highly motivated self-starter• Responsive to challenging tasking• Attention to detail• Strong sense of ownership and driven to manage tasks to completion• Experience conducting security analysis using a well-known commercially available SIEM (Security Information and Event Management) tool (i.e. ArcSight, QRadar, Splunk, AlienVault, etc)• Advanced scripting and coding skills utilizing either Python, Powershell, or JavaPreferred Qualifications• 3-5 years' experience conducting forensics in large scale Linux environments• 1-3 years' experience in Program Project Management disciplines such as Agile or Waterfall• Bachelor of Science in Computer Science, System/Computer Engineering, Cyber-Security, or Information Security is preferred. Four (4) years of additional work experience may be substituted in lieu of a Bachelor's Degree. Bachelors of Science/Arts in Forensic Computing, System/Computer Engineering, Data Science, Engineering, Operations Research, Applied Intelligence Analysis, Psychology, or Decision Science will be considered.• Coursework or experience in computer science, computer security, computer networking, system design, system integration, software development, and emerging technologies preferred• Knowledge conducting incident response within a major public cloud (i.e. AWS, Google, Azure)• Related certifications: Security+, Network+, CEH, or GCIH a plus.