Security Engineer – Technology Risk – Advisory – Secure SDLC F-302

Security Engineer – Technology Risk – Advisory – Secure SDLC F-302

13 Sep
|
Goldman Sachs
|
Bangalore Rural

13 Sep

Goldman Sachs

Bangalore Rural

MORE ABOUT THIS JOB



Associate Security Engineer in Secure Software Development Lifecycle (S-SDLC) team is responsible for reviewing security findings identified by security solutions employed by Goldman Sachs, adjustment and tuning of said solutions detection capabilities, as well as innovation in space of vulnerability prevention and detection in-line software development process. S-SDLC team is primarily responsible for helping the firm to develop secure software and services by providing solutions to detect, prevent and mitigate vulnerabilities that can be introduced during development process.





Are you a security engineer with passion for security and its automation? Are you looking for a role where you can have broad-reaching sensible impact over vast set of development projects? You will be a good fit if you have…



RESPONSIBILITIES AND QUALIFICATIONS



- Basic Qualifications:



Experience with Secure SDLC/DevSecOps processes and tooling – GitLab, Jenkins, Maven, AWS CodePipeline, etc.Experience with Secure-Software Development Lifecycle processes and tooling – Static Application Security Testing – Checkmarx, Semgrep, Veracode, etc. and Dynamic Application Security Testing – Nessus, Detectify, OWASP ZAP, etc.Familiarity with common security standards, controls and implementations (libraries, product security features) – NIST, OWASP, SANSUnderstanding of common security flaws, modern exploitation techniques and attack vectors – OWASP Top 10, SANS Top 25 Common Weaknesses (CWE)Experience integrating security controls into modern CICD platforms. GitLab preferred.Experience with hybrid and cloud environments and associated security controls and their best practice implementations – AWS, GCPExperience in security task automation development. Python skills preferredExcellent and professional communication skills (verbal and written) with ability to articulate complex technical topics in a clear and concise manner



Preferred Qualifications:



Product development experienceOperational experience with production grade products and servicesExperience with vulnerability assessment, penetration testing and secure code review.Experience in secure coding and vulnerability remediation



How will you fulfill your potential?



In this role you will:



Engage with development teams across global GS organization to address security findings – making applications at the firm more secureDevelop reference implementations, guidelines and training for software developers and architects – embedding security into development process at the firmTune and maintain existing vulnerability detection capabilities – improving detection rates and quality of findings of wide range of security toolingInnovate – introducing new prevention, detection and mitigation capabilities – making it easier for developers at the firm to create secure applications and services

The original job offer can be found in Kit Job:
https://www.kitjob.in/job/24520040/security-engineer-technology-risk-advisory-secure-sdlc-f-302-bangalore-rural/?utm_source=html

Reply to this offer

Impress this employer describing Your skills and abilities, fill out the form below and leave Your personal touch in the presentation letter.

Subscribe to this job alert:
Enter Your E-mail address to receive the latest job offers for: security engineer – technology risk – advisory – secure sdlc f-302
Publish a new Free Offer
Need to publish an offer? With more than 1 million unique users per month, you will find the ideal candidate for your company instantly, what are you waiting for!
Publish Now

Subscribe to this job alert