MORE ABOUT THIS JOB
Associate Security Engineer in Secure Software Development Lifecycle (S-SDLC) team is responsible for reviewing security findings identified by security solutions employed by Goldman Sachs, adjustment and tuning of said solutions detection capabilities, as well as innovation in space of vulnerability prevention and detection in-line software development process. S-SDLC team is primarily responsible for helping the firm to develop secure software and services by providing solutions to detect, prevent and mitigate vulnerabilities that can be introduced during development process.
Are you a security engineer with passion for security and its automation? Are you looking for a role where you can have broad-reaching sensible impact over vast set of development projects? You will be a good fit if you have…
RESPONSIBILITIES AND QUALIFICATIONS
- Basic Qualifications:
Experience with Secure SDLC/DevSecOps processes and tooling – GitLab, Jenkins, Maven, AWS CodePipeline, etc.Experience with Secure-Software Development Lifecycle processes and tooling – Static Application Security Testing – Checkmarx, Semgrep, Veracode, etc. and Dynamic Application Security Testing – Nessus, Detectify, OWASP ZAP, etc.Familiarity with common security standards, controls and implementations (libraries, product security features) – NIST, OWASP, SANSUnderstanding of common security flaws, modern exploitation techniques and attack vectors – OWASP Top 10, SANS Top 25 Common Weaknesses (CWE)Experience integrating security controls into modern CICD platforms. GitLab preferred.Experience with hybrid and cloud environments and associated security controls and their best practice implementations – AWS, GCPExperience in security task automation development. Python skills preferredExcellent and professional communication skills (verbal and written) with ability to articulate complex technical topics in a clear and concise manner
Product development experienceOperational experience with production grade products and servicesExperience with vulnerability assessment, penetration testing and secure code review.Experience in secure coding and vulnerability remediation
How will you fulfill your potential?
In this role you will:
Engage with development teams across global GS organization to address security findings – making applications at the firm more secureDevelop reference implementations, guidelines and training for software developers and architects – embedding security into development process at the firmTune and maintain existing vulnerability detection capabilities – improving detection rates and quality of findings of wide range of security toolingInnovate – introducing new prevention, detection and mitigation capabilities – making it easier for developers at the firm to create secure applications and services
Impress this employer describing Your skills and abilities, fill out the form below and leave Your personal touch in the presentation letter.
*Notice Period : 0 to 60 Days *Experience : 4 to 6 yrs *Primary Skills : GT-Suite,3D CFD simulation using Star CCM+/TAITHERM is a merit. *Salary Range : 4LPA to 12LPA *Location : Bangalore -1D c [...]
Hi Dear Job Seeker!!! Greeting from Mahindra Holidays and Resorts India Pvt. Ltd.. Grab the Opportunity to work with the Best Timeshare Company Mahindra Holidays and Resorts India Ltd. Urgent Vacan [...]
Designation: BPO Voice Process Job Location: Ramamurthy Nagar , Bangalore Job Type: Permanent. Fresher & Experience Skills: Good Communication, Computer Knowledge Hindi & English Mandatory What's app [...]
Designation: Business development executive Job Location: Ramamurthynagar , Bangalore. Experience: Minimum 6 Months to 2 Years Job Type: Permanent Working Days: 6 Days Opening is only for Female Candi [...]