Jobs
>
Toronto

    Engineering -- Tech Risk -- Secure SDLC -- VP -- Toronto - Goldman Sachs

    Goldman Sachs
    Goldman Sachs Toronto, Canada

    1 week ago

    Default job background
    Description

    Tech Risk – Advisory – Secure SDLC – VP

    WHO WE ARE

    Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA. Within Technology Risk, Advisory is the consultative and technology subject matter expertise arm, responsible for assessing new technology initiatives for risk, partnering with engineers to architect and design secure products and services, embedding implementation reviews as part of the SDLC and CI/CD pipeline via code analysis and penetration testing, and guiding technology innovation in terms of security and control across Goldman Sachs. The team plays a critical role in designing and assessing controls for our transition to building native public cloud applications.

    YOUR IMPACT

    In this role, you will join the global Secure SDLC (S-SDLC) team within Technology Risk – the team is responsible for the identification of software security flaws, along with providing security assurance advice and guidance to the engineers to help them manage application risks. You will interact with all parts of the firm giving you the opportunity to grow within the Technology Risk team as well as other divisions within the firm.

    The ideal candidate should have experience of integrating, and tuning, software security controls within continuous deployment SDLC, ability to review, triage and remediate findings by interfacing with the Business Units and help raise developer security awareness.

    HOW YOU WILL FULFILL YOUR POTENTIAL

    The Secure-SDLC team is responsible for the identification of software security flaws, along with providing security assurance advice and guidance to the engineers to help them manage application risks.

    You will become a highly committed trusted Risk Advisor with the discipline and interpersonal skills to work in a global environment communicating the impact of technology risks and the approach to mitigation and acceptance. You will provide Technology Risk Advisory risk assessment and advisory services to engineers as part of the Technology Risk function.

    Job Responsibilities:

  • Lead and support static, dynamic and security awareness services
  • Lead development, maintenance and improvement of detection controls, security reviews, remediation activities and business unit engagements
  • Lead S-SDLC training and guidance on security related issues
  • Drive adoption of embedded application security controls within Software Development Life Cycle (SDLC)
  • Lead product evaluation and help engineer tools and solutions that will facilitate the adoption of security controls across the firm
  • Review and provide advice and consultation to business owners for the identified security issues

    • Basic Qualifications:

    Have a minimum of 5 years' experience in information security or related field. You will use your strong technical, interpersonal, organizational, written, and verbal communication skills to interact with your internal clients locally and globally. Your knowledge of Application Security, Risk Analysis and Risk Management techniques, methodologies and governance will enable you to be an active member of the team along with your professional experience in one, or more, of the following disciplines:

  • Understanding of common application security vulnerabilities and controls to remediate.
  • Ability to engage technical client base of engineers and communicate security requirements, potential risks and influence development practices
  • Ability to communicate security flaws in a clear and concise manner to a broad range of audience from engineers, SMEs to senior management
  • Ability to provide clear guidance on vulnerability remediation
  • Expert/Advanced knowledge of Secure software development practices and frameworks
  • Expert/Advanced knowledge of Secure Code Review and Application Security assessment
  • Expert/Advanced knowledge of at least one major programming language (. Java, Python, Go
  • Expert/Advanced knowledge of CI/CD platforms . Gitlab, Jenkins, BitBucket CI, Bamboo, Travis CI, Circle CI, AWS Code Commit and Deploy (or similar)
  • Expert/Advanced knowledge of DevSecOps solutions . Static Application Security Testing (SAST) Dynamic/Interactive Application Security Testing (DAST/IAST) Software Composition Analysis (SCA) Infrastructure as Code (IaC) Container Security Mobile Security

    • Preferred qualifications:

  • Program management skills
  • Expert Knowledge of Cloud (AWS, GCP, Azure) and Cloud Security applications

    • #TechRiskCybersecurity

    ABOUT GOLDMAN SACHS

    At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.

    We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at .

    We're committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process.

  • Goldman Sachs Group, Inc.

    Engineering -- Tech Risk -- Secure SDLC -- VP -- Toronto Toronto, Ontario, Canada Posted on 04/

    1 week ago

    Goldman Sachs Group, Inc. Toronto, ON, Canada

    Tech Risk – Advisory – Secure SDLC – VP · WHO WE ARE · Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the fir ...

  • Teranet

    Systems Administrator

    1 week ago

    Teranet Toronto, Canada

    Systems Administrator · Who We Are · Teranet is Canada's leader in the delivery and transformation of statutory registry services with extensive expertise in land and commercial registries. We also market insightful property and data solutions, as well as practice management auto ...

  • theScore Inc.

    Technical Lead, Application Security

    5 days ago

    theScore Inc. Toronto, Canada

    theScore, a wholly-owned subsidiary of PENN Entertainment, empowers millions of sports fans through its digital media and sports betting products. Its media app 'theScore' is one of the most popular in North America, delivering fans highly personalized live scores, news, stats, a ...

  • Sun Life

    Manager, Sdlc Governance

    20 hours ago

    Sun Life Toronto, Canada

    You are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspir ...

  • Arctiq

    DevOps Consultant

    1 week ago

    Arctiq Toronto, Canada

    **About Arctiq**: · Arctiq is a services-led firm providing expertise in the new world of IT transformation. We help clients build continuous improvement strategies using automation, orchestration, DevOps methodologies, security, cloud migration and optimization, and customized w ...

  • AMANST Inc

    Intermediate Project Manager

    4 days ago

    AMANST Inc Toronto, Canada

    AMANST Inc. is looking for **Intermediate Project Manager **for a contract opportunity with Ontario Government. · **Estimated Business Days**: 251 days · **Must Haves** · - 5+ years of experience with Project Management · - Working knowledge of industry standard such as Project M ...

  • Roots

    Cyber Security Analyst

    20 hours ago

    Roots Toronto, Canada

    Roots is more than just an/the iconic Canadian retailer, we are a group of passionate employees who act with integrity, trust each other, and do what is right. We work in a space where people can grow and develop, with a team of people who own results and are dedicated to seeing ...

  • E-Solution

    Rsa Archer 10+year 100% Remote Opening

    5 days ago

    E-Solution Toronto, Canada

    **Position: RSA Archer** · **Location: Toronto ON** · **What is the opportunity?** · - You will have the opportunity to take on a senior developer role within the team by performing analysis, documenting design requirements, carrying out configuration, and supporting testing of t ...

  • E-Solution

    Rsa Archer Consultant 10+year 100% Remote Opening

    3 days ago

    E-Solution Toronto, Canada

    **Position: RSA Archer** · **Location: Toronto ON** · **What is the opportunity?** · - You will have the opportunity to take on a senior developer role within the team by performing analysis, documenting design requirements, carrying out configuration, and supporting testing of t ...

  • Computer Consultants International Inc.

    Project Manager/leader

    5 days ago

    Computer Consultants International Inc. Toronto, Canada

    **The Level 2 Project Manager will**: · - Develop project schedules considering the project objectives, responsibilities, accountabilities, timelines and resource availability. · - Plan, establish priorities and aid in project tasks as needed. Coordinate project team members and ...

  • Merican Inc

    Salesforce Technical Lead

    5 days ago

    Merican Inc Toronto, Canada

    Merican Inc. is a staffing firm that offers recruitment solutions to large clients across the United States. · Job Role: Salesforce Tech Lead · Location: Remote (PST Timezone) · Type: Contract · - Minimum 8+ years of Salesforce projects execution with at least 3+ years in lead ro ...

  • Fidelity Investments

    Information Security Analyst

    1 week ago

    Fidelity Investments Toronto, Canada

    Job Description · Current work authorization for Canada is required for all openings. · You will be working on a Hybrid office schedule as part of Fidelity's dynamic working arrangement. · At Fidelity, we've been helping Canadian investors build better financial futures for over ...

  • Tata Consultancy Services

    Apache Tomcat Administrator

    1 week ago

    Tata Consultancy Services Toronto, Canada

    **About TCS** · TCS operates on a global scale, with a diverse talent base of more than 600,000 associates representing 153 nationalities across 55 countries. TCS has been recognized as a Global Top Employer by the Top Employers Institute - one of only eight companies worldwide t ...

  • Tata Consultancy Services

    Fund Accounting Business Support Analyst

    1 week ago

    Tata Consultancy Services Toronto, Canada

    **About TCS** · TCS is an equal opportunity employer, and embraces diversity in race, nationality, ethnicity, gender, age, physical ability, neurodiversity, and sexual orientation, to create a workforce that reflects the societies we operate in. Our continued commitment to Cultur ...

  • Cleo Consulting

    Itsm Specialist

    1 week ago

    Cleo Consulting Toronto, Canada

    **Assignment: RQ ITSM Specialist - Senior** · **Start Date: ** · **End Date: ** · **Office Location: 222 Jarvis, Toronto ON** · **Organization: Enterprise Technology Delivery** · **Ministry: Ministry of Public and Business Service Delivery (former MGCS)** · **# Business Days: plu ...

  • Foilcon

    Itsm Specialist 5841-23

    2 weeks ago

    Foilcon Toronto, Canada

    **Description: · **Skills** for this position include but not limited to: · Operational Support '" Queue Management · - Ensure that all SUS operational support requests are assigned and actioned in compliance with service level targets · Operational Support - Incident and Service ...

  • Tata Consultancy Services

    Support Executive

    3 days ago

    Tata Consultancy Services Toronto, Canada

    About TCS · TCS is an equal opportunity employer, and embraces diversity in race, nationality, ethnicity, gender, age, physical ability, neurodiversity, and sexual orientation, to create a workforce that reflects the societies we operate in. Our continued commitment to Culture an ...

  • Royal Bank of Canada

    Devsecops- Security Scanning Analyst

    1 week ago

    Royal Bank of Canada Toronto, Canada

    **Job Summary** · **What is the opportunity?** · We are looking for a DevSecOps - Security Scanning Analyst. who is energetic, enthusiastic, well organized and has a passion for cybersecurity and development to join our team. We are a team that requires an eager go-getter who wan ...

  • BMO Financial Group

    Tech Lead

    2 days ago

    BMO Financial Group Toronto, Canada

    4100 Gordon Baker Road Toronto Ontario,M1W 3E8 · As a Tech Lead - SRE: · - You are passionate about driving DevOps mindset and culture in a fast-paced, challenging environment where you get the opportunity to work with a spectrum of latest tools and technologies to drive forward ...

  • Air Canada

    Product Manager

    1 week ago

    Air Canada Toronto, Canada

    **Description** · **Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation.** · At Air Canada, we are ...