Tech Risk – Global Cyber Defense & Intelligence – Threat Management Center – Analyst
Company | Goldman Sachs |
---|---|
Location | Dallas, TX, USA |
Salary | Not provided |
Type | Full-Time |
Degrees | |
Experience Level | Junior, Mid Level |
Requirements
- Strong English verbal and written communication skills
- Strong presentation skills
- Highly motivated and passionate learner
- Strong sense of ownership and driven to manage tasks to completion
- Proficient scripting skills in Python and PowerShell
- Advanced understanding of Linux Operating Systems
- Designing cloud architecture, including its security setup and incident response strategy
- Hands-on experience in the use of Forensics toolkits such as Volatility, Rekall, The Sleuth Kit, Autopsy, and EnCase
- Ability to conduct cyber security investigations as a Level 2 analyst
Responsibilities
- Analyze potential infrastructure security incidents to determine whether an incident qualifies as a legitimate security breach
- Perform host-based and network forensic investigations, determining the cause of the security incident and preserving evidence for potential legal action
- Participate in a 24×7 on-call coverage model to prevent and remediate security threats against Goldman Sachs’ global business network
- Improve the security sensors by looking for opportunities to tune the security controls in response to an evolving security threat landscape
- Lead the security projects/tasks assigned by taking ownership of planning, implementation & coordination
- Develop use cases based on adversarial tactics, techniques and procedures (TTPs), and tune event detection rules to optimize detection efficacy
- Build anomaly detections using techniques such as standard-deviation thresholds, stack counting, simple matching and regular expressions
- Script in languages such as Python, PowerShell or Bash to build incident response workflows and automation
Preferred Qualifications
- 1-3 years' experience triaging, analyzing and responding to different security events, and conducting digital forensics on Windows, macOS or Linux operating systems
- Experience conducting incident response within a major public cloud (e.g. AWS, Google Cloud, Azure)
- At least one of the following certifications: GNFA, GCFE, GCFA, CCFP, CFCE, ACE, OSCP, GCFR