Technology Risk

**What We Do**

At Goldman Sachs, our Engineers don’t just make things - we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets.

Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions. Want to push the limit of digital possibilities? Start here.

**Who We Look For**

Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.

In this role, you will be a full time Vice President/Associate as an Information Security and Cybersecurity professional with experience in security event investigation and incident response. It requires broad understanding of the firm’s Information Security/Cybersecurity policies and controls as well as an ability to coordinate incident response across all technology platforms.

**Responsibilities**:

- Investigate, coordinate and address information security and Cybersecurity incidents
- Act as liaison for global team in coordinating collection and preservation of forensic evidence in support of security event investigation.
- Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach.
- Advise on leading edge engineering to protect Goldman Sachs’ network from security risks related to web, mobile, web services, and client/server architectures.
- Collaborate with the global team to continually operate and improve a world-class cyber program by providing input into the uplift of sensory tools, detection tuning, and access to data sources to increase detection effectiveness.
- Drive the adoption and uplift of global security programs throughout the Asia Pacific region
- Convey complicated technical analysis to senior management via investigation synopses, graphical depictions of attacks, and comprehensive presentations.
- Act as a liaison to senior business leaders, including those outside of the Engineering Division, during security investigations and incidentsRespond to regulatory requests regarding security incidents, as well as the relevant protective and detective security measures.
- Report the status of ongoing incidents, as well as the follow-up actions for resolved incidents, to regional and global management
- Support Compliance, regulatory, or litigation related investigations by coordinating e-discovery, evidence collection and other such activities.
- Participate in a global rota coverage model to prevent and remediate security threats against Goldman Sachs’ global business network.

**Basic Qualifications**:

- Bachelor degree or higher
- Chinese language (written and spoken such as Mandarin) is an advantage
- Clear English communication skills, both verbally and in writing
- Strong analytical, interpersonal, problem solving, organizational and time management skills
- Excellent influencing skills at all levels and the ability to develop and maintain good relationships
- Strong sense of ownership and accountability, driven to manage tasks to completion
- Ability to communicate status, risks, and technical details in a succinct, direct and open manner to both technical and non-technical audiences
- Ability to engage in deep technical discussions with other Engineering groups, as well as ability to convey the same concepts and issues at a high level to senior management
- Excellent presentation skills
- Experience working in a distributed team with expectation for rapid escalation of issues and risks
- The ability to manage multi-task effectively and interact in a matrixed organization is essential
- Experience working in Information security / Cybersecurity from a sizeable multinational organization
- Work effectively both independently and as part of a team, self-motivated and deadline driven

**Preferred Qualifications**:

- Graduate degree in Computer Science, System/Computer Engineering, Cyber-Security, or Information Security is preferred. Bachelors of Science/Arts in Forensic Computing, System/Computer Engineering, Data Science, Engineering, Operations Research, or Decision Science will be also considered.
- Industry Certifications such as CISSP or GIAC Cyber Defense, Penetration Testing, or Incident Response and Forensics-related certification.