Engineering - Cloud Security - Security Architecture & Platform Engineering - As
Goldman Sachs
Seattle, WA
Apply
JOB DETAILS
JOB TYPE
Full-time, Employee
SKILLS
Agile Modeling, Alliance/Partner Management, Amazon Web Services (AWS), Application Programming Interface (API), Artificial Intelligence (AI), Authentication, Benchmarking, Best Practices, Big Data, Change Management, Cloud Architecture, Cloud Computing, Communication Skills, Computer Science, Computer Security, Configuration Management, Continuous Deployment/Delivery, Continuous Integration, Cross-Functional, DevOps, Enterprise Applications, Finance, Identify Issues, Internet Security, Investment Management, Investment Services, Java, JavaScript, Machine Learning, Maintain Compliance, Microservices, Node.js, OAuth, On Call, Onboarding, Operational Support, Operations Security (OPSEC), Policy Implementation, Presentation/Verbal Skills, Problem Solving Skills, Product Development, Product Engineering, Public Cloud, Python Programming/Scripting Language, Regulatory Compliance, Release Management/Engineering, Reliability Engineering, Risk Management, Root Cause Analysis, Scalable System Development, Scripting (Scripting Languages), Securities Investments, Security Architecture, Security Attacks, Security Information and Event Management (SIEM), Security Infrastructure, Security Policy, Security Scanning Services, Security Software, Software Administration, Software Development, Software Development Lifecycle (SDLC), Software Engineering, Source Code/Configuration Management (SCM), Splunk, System Architecture, Team Player, Technical Support, Test Harness, Thought Leadership, U.S. National Institute of Standards and Technology (NIST), Validation Testing, Writing Skills
LOCATION
Seattle, WA
POSTED
23 days ago
At Goldman Sachs, our Engineers don't just make things - we make things possible. Change the world by connecting people and capital with ideas. Solve the most challenging and pressing engineering problems for our clients. Join our engineering teams that build massively scalable software and systems, architect low latency infrastructure solutions, proactively guard against cyber threats, and leverage machine learning alongside financial engineering to continuously turn data into action. Create new businesses, transform finance, and explore a world of opportunity at the speed of markets. Goldman Sachs Engineers are innovators and problem-solvers, building solutions in Artificial Intelligence, risk management, big data, mobile and more.
Cloud Platform
As part of Core Engineering at Goldman Sachs, the Cloud Platform team is responsible for enabling the use of public cloud services across the firm. You will be working as part of multi-disciplinary team responsible for researching, architecting and building a cutting-edge platform that enable Goldman Sachs teams to deploy and manage services in public cloud safely and securely. We are at an early stage of modernizing our services around cloud native principles, and you will be directly contributing to platform that programmatically enforces safety, security and compliance of services and enables engineers to innovate faster.
The organization is seeking highly collaborative, creative, and intellectually curious engineers who are passionate about developing and implementing cutting-edge cloud computing solutions. The ideal candidate will thrive in a DevOps culture and contribute to customer-centric product development. They will work closely with cross-functional teams, and will be creative collaborators who evolve, adapt to change and thrive in a fast-paced global environment.
Key Responsibilities:
Cloud Security Platform Implementation:
Design, implement, and maintain secure cloud architecture aligned with NIST frameworks and industry-recognized cloud security standards, ensuring compliance, resilience, and least-privilege access across cloud environments
Build and deploy cloud security posture management infrastructure using Infrastructure as Code (Terraform/CDK)
Implement integrations with enterprise services including risk management systems, monitoring platforms, SIEM, and compliance frameworks
Deploy and maintain security policies, automated compliance validation, and remediation workflows
Policy-as-Code & Automation:
Demonstrates thought leadership: Guides and upskills other engineers and clients in cloud best practices; demonstrates expertise with automation and infrastructure as code (IaC)
Migrate infrastructure security controls to policy-as-code frameworks with automated testing and validation
Integrate security controls into CI/CD pipelines for shift-left security and pre-deployment validation
Optimize security policies during migration for improved coverage and reduced false positives
Implement policy versioning, change management workflows, and automated deployment pipelines
Secure Infrastructure & SDLC:
Understanding of AWS
Support secure-by-default infrastructure initiatives for standardized cloud account provisioning
Integrate security controls into Software Development Lifecycle (SDLC) with automated gates and validation
Implement security baselines and automated compliance checks for new cloud accounts and services
Provide self-service security scanning and remediation tools for development teams
DevOps & Platform Engineering:
Past enterprise level experience in DevOps, Software, Infrastructure or Site Reliability Engineering (2-4 years)
Proficient in infrastructure as code practices using technologies such as CDK, Terraform, AWS CloudFormation, and/or SaltStack
Experience building CI/CD pipelines from scratch or integrating security controls into existing pipelines
Hands-on experience developing and improving all phases of the software development/delivery lifecycle
Strong grasp of container technology including container orchestration
Authentication & Access Management:
Support implementation of cloud-native authentication and authorization frameworks for service flows
Assist with service identity onboarding and certificate lifecycle management
Execute migration procedures and validate authentication flows for cloud-native access patterns
Troubleshoot authentication issues, performance bottlenecks, and integration challenges
Provide technical support to application teams during authentication framework migrations
Observability & Operational Support:
Proficient in one or more enterprise scale observability tools such as Splunk, Datadog, FluentD, ELK
Experience maintaining and improving the reliability of applications and infrastructure
Provide regional timezone coverage for cloud access and security platform operational issues
Participate in 24/7 on-call rotation for security incidents and platform support
Monitor platform health, respond to alerts, and escalate critical incidents as needed
Implement monitoring, alerting, and automated remediation workflows
Collaboration & Documentation:
Ability to document solutions, cloud architectural patterns, and best practices to ensure that clients have guidance as needed
Proven ability to partner with cloud hyperscale partners to define and troubleshoot cloud architectures and service enablements
Create runbooks for operational scenarios, troubleshooting guides, and training materials
Collaborate with global team members for consistent implementation across regions
Software Development & Problem Solving:
Solid understanding of Microservices and APIs
Develop automation scripts for operational tasks, security workflows, and remediation processes
Build dashboards and reporting mechanisms for security posture visibility
Eager to problem solve and troubleshoot issues that may arise day to day
Basic Qualifications:
Minimum 2-4 years of relevant professional experience with at least 1+ years of familiarity with AWS services
B.S. or higher in Computer Science (or equivalent work experience)
Familiarity with disciplines of enterprise software development such as configuration and release management, source code and version controls along with operating considerations such as monitoring
Experience performing and/or leading root cause analysis following incidents
Experience in Security or Data engineering preferably in an SRE/DevOps environment
Practiced in Java, Python, Javascript / Typescript / Node
Strong written and verbal communication skills
Ability to establish trusted partnerships with product leads and engineering stakeholders
Comfort with agile operating model and DevOps culture
Understanding of authentication protocols (OAuth 2.0, mTLS, certificate-based authentication)
Familiarity with cloud security standards (CIS Benchmarks, NIST frameworks) and compliance requirements
About Goldman Sachs
At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.
We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has several opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers.
We're committed to finding reasonable accommodation for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html
The Goldman Sachs Group, Inc., 2018. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.
About the Company
G