Engineering - Technology Risk - Information Security Senior Analyst - VP - Hong Kong

Location(s) HK-Hong Kong
Job ID
Schedule Type
Full Time
Asia Except Japan
Business Unit
Technology Risk
Employment Type



At Goldman Sachs, our Engineers don’t just make things – we make things possible.  Change the world by connecting people and capital with ideas.  Solve the most challenging and pressing engineering problems for our clients.  Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action.  Create new businesses, transform finance, and explore a world of opportunity at the speed of markets.

Engineering, which is comprised of our Technology Division and global strategists groups, is at the critical center of our business, and our dynamic environment requires innovative strategic thinking and immediate, real solutions.  Want to push the limit of digital possibilities?  Start here.



Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.




The position is for an Information Security professional with experience in security event investigation and incident response.


This position is based in Hong Kong as part of the Asia Pacific Information Security team. It is a demanding role requiring broad understanding of the firm’s Information Security policies and controls as well as an ability to coordinate incident response across all technology platforms.


The successful candidate for this role will provide effective leadership in information security and risk management for the firm by engaging with teams across the Technology Division and working with regional and global teams within Technology Risk to detect and respond to cyber threats.


The position will report into regional Head of Information Security.



Information Security leads the cyber threat, protection, and investigative functions for the firm. Information Security professionals lead the risk analysis and risk monitoring initiatives that help to protect the firm and our clients from information and cyber security risks. The team equips the firm with the knowledge and tools to measure risks, identify and mitigate threats and protect against unauthorized disclosure of confidential information for the firm’s clients, internal business functions, and extended supply chain.



  • Investigate, coordinate and address information security incidents
  • Act as liaison for global team in coordinating collection and preservation of forensic evidence in support of security event investigation.
  • Advise on leading edge engineering to protect Goldman Sachs’ network from security risks related to web, mobile, web services, and client/server architectures.
  • Collaborate with a global team to continually operate and improve a world-class cyber program by providing input into the uplift of sensory tools, detection tuning, and access to data sources to increase detection effectiveness.
  • Drive the adoption and uplift of global security programs throughout the Asia Pacific region
  • Convey complicated technical analysis to senior management via investigation synopses, graphical depictions of attacks, and comprehensive presentations.
  • Act as a liaison to senior business leaders, including those outside of the Technology Division, during security investigations and incidents
  • Respond to regulatory requests regarding security incidents, as well as the relevant protective and detective security measures.
  • Report the status of ongoing incidents, as well as the follow-up actions for resolved incidents, to regional and global management
  • Support Compliance, regulatory, or litigation related investigations by coordinating e-discovery, evidence collection and other such activities.
  • Participate in a 24x7 coverage model to prevent and remediate security threats against Goldman Sachs’ global business network.



  • Clear English communication skills, both verbally and in writing
  • Strong analytical, interpersonal, problem solving, organizational and time management skills
  • Excellent influencing skills at all levels and the ability to develop and maintain good relationships
  • Strong sense of ownership and accountability
  • Ability to communicate status, risks, and technical details in a succinct, direct and open manner
  • Attention to detail
  • Ability to engage in deep technical discussions with other Technology groups, as well as ability to convey the same concepts and issues at a high level to senior management
  • Excellent presentation skills
  • Experience working in a distributed team with expectation for rapid escalation of issues and risks
  • Be a strong agent for change. Be able to facilitate new processes and standards that could impact working environment / culture
  • The ability to work within an open, consensus based organization
  • The ability to manage and interact in a matrixed organization is essential
  • The ability to think “outside the box” and develop creative solutions to complex technical and process problems
  • Work effectively both independently and as part of a team, self-motivated and deadline driven
  • Strong customer service orientation
  • Individual must be goal oriented, and be able to work with others to achieve goals
  • Individual must be able to handle multiple interrupts and be able to multi-task effectively
  • Individual must be able to deal with a highly demanding client base and set client expectations appropriately

Preferred Qualifications

  • Bachelor of Science in Computer Science, System/Computer Engineering, Cyber-Security, or Information Security is preferred. Four (4) years of additional work experience may be substituted in lieu of a Bachelor’s Degree. Bachelors of Science/Arts in Forensic Computing, System/Computer Engineering, Data Science, Engineering, Operations Research, or Decision Science will be considered.
  • Coursework or experience in computer science, computer security, computer networking, system design, system integration, software development, emerging technologies, open source frameworks, encryption schemes, and application testing/penetration testing/reviews preferred.
  • Industry Certifications such as CISSP or GIAC Cyber Defense, Penetration Testing, or Incident Response and Forensics-related certifications



The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

© The Goldman Sachs Group, Inc., 2018. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.