Engineering- Analyst- Security Engineering

As a Security Engineer in GCDI’s Threat Management Center, you will be an integral part of a technical team that is responsible for providing the GCDI organization with security sensors and data sets that increase awareness of current and potential Cyber Threats. This role offers the chance to fully harness and expand your technical expertise in advanced SOAR technologies, driving critical security initiatives that directly impact the organization’s resilience against cyber threats. The position also provides continuous exposure to the latest innovations in automated threat response, allowing the candidate to stay ahead of emerging threats and industry trends. This will not only solidify their standing as an expert in the field but also open up opportunities for further career growth and influence within the cybersecurity domain.

Responsibilities:

• Enable a world-class cyber defense program by working closely with other technical, incident management, and forensic personnel to develop a fuller understanding of the intent, objectives, and activity of cyber threat actors
• Work at the forefront of designing an innovative threat and security incident management solution
• Develop and optimize SOAR playbooks, integrating various security tools and platforms to automate threat detection, incident response, and remediation processes.
• Work closely with cross-functional teams, including SOC, IT, DevOps, and Risk Management, to align SOAR capabilities with organizational security objectives.
• Customize SOAR workflows, scripts, and connectors to meet the specific needs of the organization, ensuring seamless interoperability between systems.
• Participate in a 24x7 coverage model to prevent and remediate security threats against Goldman Sachs’ global business network

Basic Qualifications:

• Strong verbal and written communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
• Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security challenges.
• In-depth understanding of security frameworks (MITRE ATT&CK, NIST), threat intelligence, and automation strategies.
• Strong sense of ownership and driven to manage tasks to completion
• Proficient scripting skills utilizing both Python and PowerShell

Preferred qualifications:

• 1+ years of experience in cybersecurity, with SOAR technologies and incident response. 
• Proficiency in SOAR platforms (e.g., Splunk Phantom, Demisto, Siemplify), scripting languages (Python, PowerShell), and integration with security tools (SIEM, EDR, etc.).
• Knowledge conducting incident response within a major public cloud (i.e. AWS, Google, Azure)
• Any of following certifications: GNFA, GCFE, GCFA, CCFP, CFCE, ACE, OSCP, GCFR