Engineering-Hyderabad-Vice President-Security EngineeringHyderabad, Telangana, India
Engineering-Hyderabad-Vice President-Security Engineering
Engineering-Hyderabad-Vice President-Security EngineeringHyderabad, Telangana, India

WHO WE ARE

Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA.

Within Technology Risk, the Digital Risk Office (DRO) is responsible for analyzing, triaging and reporting on new and existing risks, supporting Engineering in tech management, as well as ensuring the integrity of the environment across all areas. DRO manages the identification and prioritization of emerging technology risks aligned to our digital transformation efforts to drive cross-divisional risk remediation efforts and ensure platform engineering and business opportunities are effectively balanced in line with the firm’s risk appetite.

YOUR IMPACT

You will be a key addition to the Digital Resilience Risk team, which partners with engineering teams across the firm to help them understand what they can do to reduce and manage their risk and make their systems more resilient. 

HOW YOU WILL FULFILL YOUR POTENTIAL

The core responsibility of the Digital Resilience Risk Program is to identify, assess, mitigate, and manage cyber risks while ensuring the firm can withstand, respond to, and recover from cyber threats and technology disruptions. 

Your responsibilities will include management of Digital Resilience Risk Controls, Monitoring, Control Incident Management, and Technology programs. You will work with all pillars within Technology Risk to understand the risks being identified and their potential impact. You will work with engineering teams to help them understand their complete risk portfolio and how they can reduce risk most effectively. You will partner in programs to reduce risk and improve resiliency across the firm. This will be an opportunity to build both specialized and broad knowledge of the business and technologies across the entire firm and work with engineers at all levels in the organization. 

BASIC QUALIFICATIONS

  • Experience in one or multiple of the following Cyber/Technology Resilience, Threat Modelling, Risk Assessment, Vulnerability Management, SRE, Incident Management, Risk Management, Cyber Risk Reporting 
  • Proven ability to design and implement robust security frameworks to safeguard critical infrastructure and sensitive data 
  • Working knowledge of regulatory compliance, including GDPR, PCI-DSS, and FFIEC, and the NIST SP 800-53. 
  •  
  • Be accountable for driving risk reduction activities, through teamwork, coordination and escalation of newly discovered and existing issues.
  • Develop, implement, and maintain the firm's technology resilience framework, including disaster recovery, business continuity, and cyber recovery
  • Collaborate with IT and business units to ensure alignment of technology resilience strategies with overall business objectives.
  • Conduct regular risk assessments and business impact analyses to identify potential vulnerabilities and areas for improvement.
  • Identify, evaluate, and manage technology related risks that could impact the firm’s ability to operate effectively during disruptions.
  • Coordinate with impacted teams to implement risk mitigation strategies and controls to reduce the likelihood and impact of technology failures or cyber incidents.
  • Monitor and report on the effectiveness of risk mitigation measures, adjusting strategies as needed.
  • Work closely with senior management, IT, and business units to integrate technology resilience into the broader enterprise risk management framework.
  • Provide expert advice and guidance on technology resilience best practices to stakeholders across the firm.
  • Engage with external vendors and service providers to ensure that third-party risks are effectively managed.
  • Ensure that the firms technology resilience practices comply with relevant regulations, standards, and industry best practices.
  • Prepare and present regular reports on program governance technology resilience risks metrics to senior leadership

PREFERRED QUALIFICATIONS

  • Industry certifications such as CISA, CEH and/or CISSP desired but not essential
  • Experience with any data analysis/visualization tool such as Excel, Tableau, Power BI, R, SQL, etc.
  • Experience with applying industry best practices for resiliency programs 

Experience addressing regulatory requirements 
 

ABOUT GOLDMAN SACHS

 
At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world. 

 
We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers. 

 
We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html

 
© The Goldman Sachs Group, Inc., 2023. All rights reserved.
Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity