Associate Software Engineer - Security Asset & Wealth Management - Goldman Sachs

Key Responsibilities

• Partner with engineering teams to conduct security design reviews and embed security controls early in the software development lifecycle.
• Plan, execute, and report on penetration testing engagements across web, API, and cloud environments.
• Develop threat models and risk assessments for new and existing applications, providing actionable remediation guidance.
• Collaborate with product owners to balance commercial objectives with security requirements, ensuring compliance with internal policies and regulatory standards.
• Mentor developers on secure coding practices and assist in the implementation of automated security testing tools.

Requirements

• 2+ years of experience in application security, penetration testing, or related security engineering roles.
• Strong knowledge of threat modeling methodologies, secure software design principles, and common vulnerability frameworks (e.g., OWASP Top 10).
• Proficiency in scripting or programming languages such as Python for automation and tool development.
• Hands‑on experience securing cloud platforms (AWS, Azure, or GCP) and familiarity with cloud security best practices.
• Excellent communication skills and ability to work cross‑functionally with engineering, product, and risk teams.