WHO WE ARE

Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA.

Within Technology Risk, the Global Cyber Defense & Intelligence (GCDI) identifies malicious activity, manage the lifecycle of vulnerabilities within GS technologies, and investigates and manages threats across the firm. We are a team of security, software, and product engineers that allow the firm to respond appropriately to firm risks through the use of detection models, security architecture, and cutting-edge cyber threat analysis to manage internal and external threats against the firm. The Cyber Threat Analysis (CTA) team within GCDI performs one of the most critical security and risk functions at the firm - detecting vulnerabilities in our technology and ensuring their remediation before they can be exploited by malicious hackers.

Goldman Sachs has one of the most progressive Technology Risk teams in the industry and is continuing to push the development of risk in preference to security within technology and the business. Year on year success has led the team to work deeper into the organization and gain valuable insights into how technology needs to function, what its risk really is and how this impacts the business.

 

YOUR IMPACT

You will be a key addition to the Cyber Threat Analysis team, which continuously strives to contribute to the betterment of the overall security posture of the organization. This role will offer you a great platform to apply your knowledge and skills as well as an opportunity to engage with key stakeholders within and external to the organization to consistently improve the program through various activities such as threat modeling, risk assessment, and industry engagement.

 

HOW YOU WILL FULFILL YOUR POTENTIAL

In this role, you will part of well-established threat intelligence team and will lead intelligence sharing and external engagement, working closely with government agencies and industry information-sharing groups to enhance cybersecurity efforts related to threats, incident response, vulnerability mitigation, and emerging technologies.

The ideal candidate should have strong experience with threat intelligence operations and experience with the U.S. intelligence community. The candidate should be able to clearly convey complicated technical or behavioral analysis to senior management via threat reporting, models, analyses, presentations, or recommendations.

 

RESPONSIBILITIES

· Conduct strategic analysis of the cyber threat landscape in relationship to the firm’s global footprint and critical functions, with a focus on understanding adversarial geopolitical drivers and regulatory contexts.

· Assess cyber campaigns, tradecraft, and vulnerabilities to implement risk mitigation measures across the firm and third parties.

· Work across business units and teams to allocate resources and ensure continuity of operations to address priority incidents and events.

· Brief executive leadership and steering committees on a range of potential high-impact threats to the firm.

· Utilize weekly classified briefings with peer financial institutions, law enforcement, and government partners to inform decision making on risk mitigation priorities.

· Lead engagement with sector partners including the Analysis and Resilience Center for Systemic Risk (ARC), Financial Services Information and Analysis Center (FS-ISAC), Financial Services Sector Coordinating Council (FSSCC), Department of Treasury’s T-Suite Analytic Cell, and CISA’s Joint Cyber Defense Collective (JCDC).

 

BASIC QUALIFICATIONS

· Proven experience in cyber threat intelligence, geopolitical risk analysis, or regulatory policy within a financial or government setting.

· Extensive understanding of cyber threat tradecraft, adversarial tactics, and emerging cybersecurity trends.

· Experience working with classified intelligence and government agencies.

· Ability to write and communicate complex cyber threats to both technical and non-technical stakeholders, including executive leadership.

· Established collaboration skills with industry partners, law enforcement, and intelligence community entities.

· Active TS/SCI Level Clearance.

 

Preferred Experience / Qualifications

· Bachelor's degree or higher preferred.

· Extensive project and program management skills, including the ability to lead and improve projects from start to finish.

· Experience working as part of a global team.

· Active participation and contributions to industry-wide working groups, including thought leadership and co-authoring of white papers and assessments.

· Previous leadership experience in the financial sector.