
Goldman Sachs MENA
Asset and Wealth Management - Product Security Engineering - Associate
- Permanent
- Doha, Qatar
- Experience 2 - 5 yrs
- Urgent
Report job as expired
Job expiry date: 31/05/2025
Job overview
Date posted
16/04/2025
Location
Doha, Qatar
Experience
2 - 5 yrs
Seniority
Experienced
Qualification
Bachelors degree
Expiration date
31/05/2025
Job description
The Associate in Product Security Engineering will be part of the Technology Risk function within Goldman Sachs Asset and Wealth Management, focused on ensuring the security of software products and infrastructure. This individual will partner closely with cross-functional teams to embed security practices into software development lifecycles, evaluate application architectures, perform risk assessments, and implement best practices. The role includes performing secure code reviews, conducting threat models, evaluating cloud security controls, and developing patterns to strengthen the firmās security posture.
Required skills
Key responsibilities
- Partner with business units to evaluate architectural flaws for on-prem/cloud deployments
- Collaborate with product management, engineering, and DevOps teams to enhance security controls
- Evaluate effectiveness of security controls and recommend improvements
- Act as an application security liaison to guide secure software development
- Interface with stakeholders to evaluate and communicate security risks
- Drive adoption of embedded security controls in Agile SDLC
- Provide written and verbal guidance on technology risk management
- Promote information security awareness within the region
- Develop security patterns and best practices in coordination with global teams
Experience & skills
- 3ā5 years of experience in information security, product/application security, or penetration testing
- Knowledge of OWASP Top 10, cloud security vulnerabilities, and standards like NIST, PCI, CIS/SANS
- Understanding of cryptographic concepts and secure application design
- Experience in threat modeling, security design reviews, source code review, and vulnerability assessments
- Strong communication skills to articulate risks to technical and business stakeholders
- Program and project management capabilities
- Experience working with security architecture, IAM, data loss prevention, penetration testing, and secure systems design
- Experience in financial services or fintech is preferred
- Knowledge of secure coding in Python, Java, or Go is desirable
- Experience with AWS or other cloud technologies is a plus