Security Software Engineer - Crypto

Location(s) UK-MDDSX-London
Job ID
2021-71578
Schedule Type
Full Time
Level
Associate
Function(s)
Security Engineer
Region
EMEA
Division
Engineering
Business Unit
Security Platform Eng & Core Risk Mgt
Employment Type
Employee

MORE ABOUT THIS JOB

Your Impact

Product Security Engineering within Core Engineering is responsible for providing an opinionated, standardized set of tools and services to enable building of secure applications at the firm. The hiring team is primarily responsible for designing and implementing core Secrets Management solutions for the firm’s internal and public cloud technology. We help secure the firm's systems and software by providing solutions that allow our software engineering teams to easily and reliably safeguard their applications.

 

Are you are a software/systems engineer or security engineering specialist looking for a role where you can have broad-reaching positive impact and are enthusiastic about security, authentication, cloud, and cryptography, with a minimum of 2 years' engineering experience? You will be a good fit if you have…

 

How will you fulfill your potential?

  • Build software libraries and services to provide secure-by-default services to software engineering teams, including authentication systems, secrets management solutions, endpoint control solutions, and cloud controls
  • Partner with colleagues from across technology and risk to ensure an outstanding, useable and unobtrusive experience for owners and users of secrets
  • Collaborate on feature design and problem solving
  • Help to provide frictionless integration with the firm’s runtime, deployment and SDLC technologies
  • Manage the full lifecycle of software components, from requirements through design, testing, development, release and demise
  • Help to communicate and promote best practices for security engineering across the firm
  • Engage in production troubleshooting

RESPONSIBILITIES AND QUALIFICATIONS

Basic Qualifications

  • A strong grounding in security concepts, including core cryptography, secure coding practices and principles of authentication and secrets management
  • A good understanding of PKI, X.509, key exchange protocols, and authentication protocols, including token-based authentication
  • The ability to reason about performance, security, and process interactions in complex distributed systems
  • Proficiency in designing, developing and testing cross-platform software in one or more of Java, C++, C# or golang; open to using multiple languages
  • Experience developing, deploying and supporting software across the full Continuous Delivery life-cycle
  • Sound SDLC and practices and tooling experience - version control, CI/CD and configuration management tools
  • The ability to understand and effectively debug both new and existing software
  • Experience meeting demands for high availability, low latency and scale
  • The ability to communicate technical concepts effectively, both written and orally, as well as the interpersonal skills required to collaborate effectively with colleagues across diverse technology teams

Preferred Qualifications

  • Experience using and/or supporting Hashicorp Vault and/or Consul in production
  • Experience with containerisation - Kubernetes/Docker
  • Experience with open source, web authentication solutions
  • Experience monitoring, measuring, auditing and supporting software
  • Scripting skills using Python, PowerShell or Bash
  • Experience with Terraform, Freemarker, Kubernetes and Docker
  • Experience with AWS and OPA
  • Familiarity with OIDC Authentication
  • Experience with Golang, RHEL administration and systemd, Freemarker, GitLab, HAProxy
  • Experience with Windows Administration (2008 – 2012) administration, IIS, LDAP/AD LDS and AngularJS

ABOUT GOLDMAN SACHS

© The Goldman Sachs Group, Inc., 2021. All rights reserved.
Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity