Security Engineer - Technology Risk - SIRT

Location(s): IN-KA-Bengaluru
Job ID: 2021-75917
Schedule Type: Full Time
Level: Associate
Function(s): Security Engineer
Region: India
Division: Engineering
Business Unit: Technology Risk
Employment Type: Employee

MORE ABOUT THIS JOB

Our objectives are to manage significant cyber-related incidents, quickly escalate incidents identified through our Virtual Fusion Center process, and reduce and mitigate risk introduced by insiders at the firm.

In this position you will be accountable for leading major cyber security incident management calls, managing and overseeing user-reported information security incidents, and helping to gather technical resources who can remediate the issue. The Incident Manager will also provide business impact updates to Technology and Business leadership as required (in verbal and written form). Another key component of the Incident Manager function is to collect relevant incident-related statistics, provide analysis, identify themes, and publish operational health metrics to senior leadership and others on a regular basis. This includes but is not limited to incident duration, root cause analysis and follow-on preventative/corrective action monitoring. The Incident Manager may also serve as a single point of contact for major security events.

The Goldman Sachs Virtual Fusion Center leverages existing processes, teams and budgets to converge the identification and escalation paths into a central incident management process. This centralized incident management group was implemented to enhance the effectiveness of the firm’s existing incident management processes. As a key member of the Incident, Investigations and Insider (“I3”) team, you will help expand the Virtual Fusion Center globally by building relationships with divisional stakeholders and advocating the value SIRT offers through the Virtual Fusion Center.

RESPONSIBILITIES AND QUALIFICATIONS

The Cyber Security Incident Manager role in Goldman Sachs’ Investigations team lets you do all this and more:

  • Develop and maintain strong business and technology relationships, becoming a trusted partner to these groups.
  • Evangelize and project manage the expansion of the Virtual Fusion Center.
  • Handle moderate to complex incidents, including significant events and senior leadership communications.
  • Communicate risk and other security incident themes and develop recommendations for resolution.
  • Ensure that technology security incidents are documented clearly, that realistic remediation plans are developed, and that those plans are followed up on.
  • Investigate and resolve systemic issues.
  • Conduct triage on significant user-reported data security incidents.
  • Conduct initial triage on Insider Threat cases.
  • Participate in, and sometimes facilitate, a cyber-tabletop drill.
  • Awareness of AWS cloud-deployed applications and infrastructure, and how incident management and response tie in.
  • Willingness to obtain cloud certifications relating to incident response and data protection.
  • Work collaboratively in a global follow-the-sun cyber defense model.
  • Escalate issues to senior management as warranted.
  • Identify opportunities to improve SIRT internal operational risk issues, and help measure progress in driving them down.
  • Work at the forefront of designing an innovative threat and security incident management solution.
  • Convey complicated technical analysis to senior management via investigation synopses, graphical depictions of attacks, and comprehensive presentations.
  • Ability to promote a team environment.
  • Manage any other assigned duties as required.

Basic Qualifications:

  • Strong English verbal and written communication skills.
  • Ability to multi-task and prioritize work effectively.
  • Highly motivated self-starter.
  • Strong project management skills.
  • Responsive to challenging tasking.
  • Ability to work in dynamic and high-pressure situations.
  • Attention to detail.
  • Ability to document and explain technical details in a concise and understandable manner.
  • Strong sense of ownership and driven to manage tasks to completion.
  • Knowledge of Corporate Risks, IT Controls and other regulations.

Desired Skills & Experiences:

  • Bachelor of Science in Computer Science, System/Computer Engineering, Cyber-Security, or Information Security is preferred. A minimum of three (3) years of additional work experience may be substituted in lieu of a Bachelor’s Degree. A Bachelor of Science/Arts in Forensic Computing, System/Computer Engineering, Data Science, Engineering, Operations Research, or Decision Science will be considered.
  • Ability to work independently as well as in a team environment, demonstrating creativity and an ability to check work conscientiously for errors and make decisions based on priorities, time constraints and risks.
  • Experience writing professional documents for both internal and external purposes, as well as being comfortable presenting to senior leadership and often delivering a tough message.
  • Excellent oral, written, and presentation communication skills required.
  • Experience with Splunk is a plus.
