Technology Risk - Global Cyber Defense & Intel - Vulnerability Management Engineer - Associate

Goldman Sachs-posted 10 months ago
Full-time • Entry Level
Dallas, TX
Securities, Commodity Contracts, and Other Financial Investments and Related Activities
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA. Within Technology Risk, the Security Incident Response Team (SIRT) Vulnerability Management team manages the lifecycle of vulnerabilities within GS technologies, including vulnerability discovery, risk assessment, and treatment. We are a team of security, software and product engineers that allow the firm to respond appropriately to cyber security risks through the use of detection, design and development.

  • Development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support
  • Contribute to vulnerability management strategy and automation
  • Develop and maintain automated security scripts using Python to integrate with CI/CD pipelines
  • Collaborate with various engineering teams to understand the vulnerability management needs and collectively develop remediation and mitigation strategies
  • Implement and manage security controls within AWS environments
  • Manage and fine-tune vulnerability scanning schedules, policies, and configurations
  • Perform vulnerability management product POCs as per the defined requirements
  • Develop security dashboards and reports to track vulnerability trends, remediation status, and compliance metrics
  • Work on automated vulnerability scanning using scanners and agents in the public cloud
  • Improve the security sensors by looking for opportunities to tune the vulnerability detection controls and coverage effectiveness
  • Lead the security projects/tasks assigned by taking ownership of planning, implementation & coordination
  • Script in languages such as Python, build workflows and automation of scan data
  • Implement, support and evaluate security-focused tools, vulnerability management tools and services
  • Maintain knowledge and skillset relevant to trends in the industry
  • Minimum 1.5-4 years of experience, preferably around organizational security and vulnerability management and also security tool integration, automation support
  • Strong Python scripting skills for automation and integration
  • Experience with CI/CD pipelines and security automation
  • Proficiency with VM tools such as Qualys, Prisma Defender, and Edge Scanning
  • Deep understanding of container security and Kubernetes security best practices
  • Experience with infrastructure as code (IaC) security (Terraform, CloudFormation)
  • Strong hands-on experience with endpoint security tools such as MDE, CrowdStrike, Prisma Defender, CBR, and Bit9
  • Strong analytical skills to identify, prioritize, and remediate security risks
  • Demonstrated understanding of infrastructure components and cloud vulnerability scanning
  • Identify, integrate, monitor and improve infosec controls/tools by understanding business processes
  • Strong English verbal and written communication skills
  • Strong presentation skills
  • Strong sense of ownership and driven to manage tasks to completion
  • Work experience on any major public clouds such as AWS and Azure
  • Advanced understanding of Linux Operating Systems
  • Designing Cloud architecture including scanner and agent placement and communication strategies
  • In-depth understanding of any vulnerability scanning tools such as Qualys, Prisma Cloud, Rapid7, AWS Inspector
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service