Goldman Sachs

Engineering Division - Global Cyber Defense & Intel - Vice President - Bengaluru

Posted 5 Days Ago

Be an Early Applicant

Bengaluru, Bengaluru Urban, Karnataka, IND

In-Office

Senior level

Fintech • Financial Services

The Role

Lead detection engineering and incident response activities: triage and investigate security events, perform host/network forensics, tune sensors and SIEM detections, automate response workflows, and coordinate 24x7 SOC coverage to remediate threats and preserve evidence.

Summary Generated by Built In

HOW YOU WILL FULFILL YOUR POTENTIAL

As a Security Engineer in GCDI’s Threat Management Center, you will be an integral part of a technical team that is responsible for providing the GCDI organization with security sensors and data sets that increase awareness of current and potential Cyber Threats. The ideal candidate should be someone with cyber security experience, hands-on technical skills on Windows, Linux and Network security, along with experience in utilizing security information for detection engineering, live intrusions and triage security events in real-time. You will conduct cyber event and incident response investigations and remediate security gaps using world-class security tooling. You will also have opportunities to automate incident response workflows and remediation activities in order to increase the efficacy of our incident response efforts.

Job Responsibilities:

Enable a world-class cyber defense program by working closely with other technical, incident management, and forensic personnel to develop a fuller understanding of the intent, objectives, and activity of cyber threat actors
Work at the forefront of designing an innovative threat and security incident management solution
Coordinate and triage response to cybersecurity events and conduct forensic analysis
Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach
Perform host-based and network forensic investigations, determining the cause of the security incident and preserving evidence for potential legal action
Participate in a 24x7 coverage model to prevent and remediate security threats against Goldman Sachs’ global business network
Contribute to improve the efficiency of the Security sensors by looking for opportunity to tune the security controls to adjust to the ever-evolving security threat land scape
Effectively lead the security projects/tasks assigned by taking ownership of planning, implementation & coordination
Experience in developing use cases based on adversarial tactics, techniques and procedures (TTPs), and tuning event detection rules to optimize detection efficacy

Basic Qualifications:

Strong verbal and written communication skills, capable of clearly conveying complex technical concepts to both technical and non-technical stakeholders.
Robust analytical and problem-solving abilities, demonstrated by proactively identifying and resolving security challenges, as well as coordinating incident response efforts within a dynamic environment.
Comprehensive understanding of security frameworks such as MITRE ATT&CK and NIST, along with expertise in threat intelligence, automation strategies, and developing detection logic within SIEM platforms like Splunk, Elastic, and BQL.
Strong sense of ownership and commitment to managing tasks to completion, including overseeing daily operations and ensuring effective detection and mitigation of threats.
Proficiency in scripting languages, including advanced skills in Python and PowerShell for developing detection queries and automating security processes.
Relevant industry certifications, such as GNFA, GCFE, GCFA, CCFP, CFCE, ACE, OSCP, or GCFR.

Preferred qualifications:

Over 7+ years of experience in cybersecurity, including a minimum of 3 years specializing in detection engineering technologies and incident response.
Managed Security Operations Center (SOC) activities as a shift lead, overseeing daily operations, coordinating incident response efforts, and ensuring effective detection and mitigation of threats within a dynamic environment.
Proficiency in scripting languages, including Python and PowerShell
Expertise in developing advanced analytical queries within SIEM platforms such as Splunk, Elastic, and BQL
Experience crafting queries and detection logic in EDR solutions like Microsoft Defender for Endpoint (MDE) and CrowdStrike Falcon
Knowledge conducting incident response within a major public cloud (i.e. AWS, Google, Azure)
At least one of the following certifications: GNFA, GCFE, GCFA, CCFP, CFCE, ACE, OSCP, GCFR

Skills Required

Hands-on technical skills on Windows, Linux, and network security
Experience conducting cyber event and incident response investigations and forensic analysis
Expertise with security frameworks (MITRE ATT&CK, NIST) and threat intelligence
Experience developing detection logic and use cases in SIEM platforms (Splunk, Elastic, BQL)
Proficiency in scripting for detection and automation (Python, PowerShell)
Strong verbal and written communication and analytical/problem-solving skills
Relevant industry certifications (e.g., GNFA, GCFE, GCFA, CCFP, CFCE, ACE, OSCP, GCFR)
7+ years total cybersecurity experience, with detection engineering and incident response specialization
Experience with EDR solutions (Microsoft Defender for Endpoint, CrowdStrike Falcon)
Experience conducting incident response in public cloud environments (AWS, Google, Azure)
Prior SOC shift lead or SOC operations management experience

Goldman Sachs Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Goldman Sachs and has not been reviewed or approved by Goldman Sachs.

Healthcare Strength — Coverage includes medical, dental, vision, disability, life and accident insurance, with multiple plan options and most premiums subsidized; coverage often starts on day one. Wellness resources, on-site health centers in some locations, and EAP access reinforce the depth of health support.
Parental & Family Support — Family care includes on-site childcare in some offices, expectant parent resources, and transitional programs for returning parents. Feedback suggests parental leave is very generous, with reports of around 20 weeks paid leave and stipends for adoption, surrogacy, and fertility-related services.
Retirement Support — The firm provides a 401(k) plan with employer matching contributions and broad financial education to help employees plan for retirement. Resources also support saving for education and preparing for unexpected events.

Learn more about Goldman Sachs's Compensation & Benefits →

Goldman Sachs Insights

What's It Like to Work at Goldman Sachs? Goldman Sachs Culture & Values Goldman Sachs Career Growth & Development What's the Work-Life Balance Like at Goldman Sachs? Goldman Sachs Leadership & Management Goldman Sachs Company Growth, Stability & Outlook

View all jobs at Goldman Sachs

View Goldman Sachs Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: New York, NY

67,118 Employees

What We Do

At Goldman Sachs, we believe progress is everyone’s business. That’s why we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, Goldman Sachs is a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices in all major financial centers around the world. More about our company can be found at www.goldmansachs.com