Platform Solutions, GreenSky – Security Advisor, Vice President, Atlanta/Remote

About Goldman Sachs

At Goldman Sachs, we connect people, capital, and ideas to help solve problems for our clients. We are a leading global financial services firm providing investment banking, securities, and investment management services to a substantial and diversified client base that includes corporations, financial institutions, governments, and individuals.

What We Do

In Platform Solutions, we power clients with innovative and customer-centered financial products. We bring the best qualities of a technology player and combine that with the best attributes of a large bank. Platform Solutions is comprised of four main businesses, underpinned by engineering, operations, and risk management:

• Transaction Banking, a cash management and payments platform for clients building a corporate treasury system
• Enterprise Partnerships, consumer financial products that companies embed directly within their ecosystems to better serve their end customers
• Merchant Point-of-Sale Lending (GreenSky), a platform that provides custom credit financing for home improvement merchants to offer directly to their customers
• ETF Accelerator, a platform for clients to launch, list and manage exchange-traded funds

Headquartered in Atlanta, GreenSky’s $1.0 billion initial public offering marked the largest U.S. Technology IPO of 2018. Our mission is simple: we power commerce. Our highly scalable, proprietary technology platform enables over 12,000 merchants to offer frictionless promotional payment options to consumers at the point-of-sale, driving increased sales volume and accelerated cash flow. Our bank partners leverage GreenSky’s technology to provide loans to super-prime and prime consumers nationwide. Since our inception, over 1.7 million consumers have financed over $12 billion of commerce using our paperless, real time “apply and buy” technology. 

Who We Look For

Goldman Sachs Engineers are innovators and problem-solvers, building solutions in risk management, big data, mobile and more. We look for creative collaborators who evolve, adapt to change, and thrive in a fast-paced global environment.

Responsibilities and Qualifications

Your Impact

GreenSky is looking for a Technology Risk Advisor to join our Corporate Security Organization. Technology Risk secures GreenSky against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the enterprise, helping develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. 

Job Summary and Responsibilities

• Responsible for enabling the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers.
• Focus on in-house infrastructure/network projects, external cloud engagements, applications, and adoption.
• Work with various teams to understand design proposals and evaluate risk while supporting the business needs.
• Provide internal risk advisory and consulting services to application and infrastructure developers.
• Perform infrastructure as code reviews.
• Develop policy as code, templates, and modules to implement and enforce secure patterns and guidance.
• Review of pen-test results with the ability find gaps and risks in designs.
• Conduct research and POC's to drive improvements to designs, tooling, potential AI.
• Ensure compliance of corporate security policies and practices for all new applications, SaaS tools, and technology enhancements.
• Incorporate review of DR and BCP planning for all new applications, systems to the enterprise.
• Monitor log files, dashboards, and other appropriate data sources to provide periodic management reporting and input to the life-cycle improvement process.
• Review and approve any PII being sent externally for appropriate file transfer, business reasons, and vendor risk evaluation.
• Develops and maintains security architecture artifacts (models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
• Reviews to ensure technology is meeting baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM).
• Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risk where applicable.
• This role must demonstrate exemplary judgement in gauging the risk of gaps, formulating both short and long-term business and security goals as well as being organized.
• Responsible for developing, communicating, and enforcing application security standards at both the application and code layer as well as coordinating penetration testing and ownership of various code vulnerability scanning tools.

Qualifications

• Bachelor's degree in Information Technology. An equivalent combination of education and work experience may be taken into consideration in lieu of a degree
• Minimum of 5 years’ experience in information technology and system administration
• Full-stack knowledge of IT infrastructure:
  • Applications
  • Databases
  • Operating systems (Windows, Linux)
  • IP networks (WAN, LAN)
  • Cloud infrastructure (Azure/AWS)
  • Vulnerability Management (Prisma/Rapid 7)
• Strong working knowledge of IT service management (e.g., ITIL-related disciplines):
  • Change management
  • Ability to read and find vulnerabilities in security scans
• Build Security Requirements
• Exceptional verbal and written communication skills
• CISSP, CCNA, GIAC, GCIA, GCIH, GSEC, Security or similar certification desirable
• Operating systems and networking certifications desirable
• Knowledge of industry standards including ISO 27001, NIST, HIPAA, PCI-DSS, etc.
• Results oriented, willing to accept challenges dynamically and prioritize accordingly to business needs.

ABOUT GOLDMAN SACHS

At Goldman Sachs, we commit our people, capital, and ideas to help our clients, shareholders, and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities, and investment management firm. Headquartered in New York, we maintain offices around the world. 

We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers. 

We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html

© The Goldman Sachs Group, Inc., 2023. All rights reserved.

Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity