Responsibilities
Conduct comprehensive cloud security assessments, evaluating designs, configurations, and implementations across various cloud service
providers (CSPs).
Identify and analyze potential security risks, vulnerabilities, and misconfigurations within cloud environments and applications.
Perform software architecture design reviews for cloud deployments.
Develop secure architecture design patterns, particularly for cloud-native applications.
Develop, evaluate, and document security measures, controls, and guardrails to protect data, applications, APIs, and infrastructure in the cloud.
Collaborate with engineering and development teams to embed security best practices throughout the software development lifecycle (SDLC) and
CI/CD pipelines for cloud-native applications.
Provide technical advisory services on cloud security to internal stakeholders, ensuring alignment with firm-wide security policies and industry
best practices.
Develop and maintain scripts and automated solutions to streamline security processes, vulnerability identification, and compliance checks within
cloud environments.
Stay updated on emerging cloud security threats, technologies, and regulatory requirements.
Contribute to incident response and remediation efforts related to cloud security events as required.
Qualifications
Development / Scripting / Coding Skills: Demonstrated proficiency and hands-on experience in scripting and coding, particularly with
languages such as Python, PowerShell, or Bash, for automation, data analysis, or security tooling.
Baseline Security Knowledge: Fundamental understanding of cybersecurity principles, security controls, and common security domains (e.g.,
network security, identity and access management, data protection, vulnerability management).
Cloud Fundamentals: A foundational grasp of cloud computing concepts and architectures, with basic familiarity and understanding of at least
one major Cloud Service Provider (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle Cloud). Prior project experience
in cloud and conceptual understanding is essential.
Bachelor's degree in Computer Science, Information Security, or a related technical field, or equivalent practical experience.
Strong analytical and problem-solving skills with an investigative mindset.
Excellent written and verbal communication skills, with the ability to articulate technical concepts to both technical and non-technical audiences.
Preferred Qualifications:
Prior experience in a security-focused role within financial services or other highly regulated industries.
Familiarity with industry security frameworks and standards (e.g., NIST, ISO 27001, CIS Benchmarks, OWASP).
Relevant security or cloud certifications (e.g., Security+, CySA+, AWS Certified Security – Specialty, Azure Security Engineer Associate, Google
Cloud Professional Cloud Security Engineer).
Skills Required
- Proficiency in scripting/coding (Python, PowerShell, or Bash)
- Fundamental understanding of cybersecurity principles and common security domains
- Foundational knowledge and prior project experience with at least one major cloud provider (AWS, Azure, GCP, or Oracle Cloud)
- Experience performing or supporting cloud security assessments and architecture reviews
- Bachelor's degree in Computer Science, Information Security, or related technical field, or equivalent experience
- Strong analytical and problem-solving skills with investigative mindset
- Excellent written and verbal communication skills for technical and non-technical audiences
- Prior security experience in financial services or regulated industries
- Familiarity with security frameworks and standards (NIST, ISO 27001, CIS Benchmarks, OWASP)
- Relevant security or cloud certifications (Security+, CySA+, AWS Security Specialty, Azure Security Engineer, GCP Cloud Security)
Goldman Sachs Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Goldman Sachs and has not been reviewed or approved by Goldman Sachs.
-
Healthcare Strength — Coverage includes medical, dental, vision, disability, life and accident insurance, with multiple plan options and most premiums subsidized; coverage often starts on day one. Wellness resources, on-site health centers in some locations, and EAP access reinforce the depth of health support.
-
Parental & Family Support — Family care includes on-site childcare in some offices, expectant parent resources, and transitional programs for returning parents. Feedback suggests parental leave is very generous, with reports of around 20 weeks paid leave and stipends for adoption, surrogacy, and fertility-related services.
-
Retirement Support — The firm provides a 401(k) plan with employer matching contributions and broad financial education to help employees plan for retirement. Resources also support saving for education and preparing for unexpected events.
Goldman Sachs Insights
What We Do
At Goldman Sachs, we believe progress is everyone’s business. That’s why we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, Goldman Sachs is a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices in all major financial centers around the world. More about our company can be found at www.goldmansachs.com







