Goldman Sachs MENA

Asset and Wealth Management - Product Security Engineering - Associate

Permanent
Doha, Qatar
Experience 2 - 5 yrs
Urgent

Apply now

Report job as expired

Job expiry date: 31/05/2025

Return to jobs page

Job overview

Date posted
16/04/2025
Location
Doha, Qatar
Experience
2 - 5 yrs
Seniority
Experienced
Qualification
Bachelors degree
Expiration date
31/05/2025

Job description

The Associate in Product Security Engineering will be part of the Technology Risk function within Goldman Sachs Asset and Wealth Management, focused on ensuring the security of software products and infrastructure. This individual will partner closely with cross-functional teams to embed security practices into software development lifecycles, evaluate application architectures, perform risk assessments, and implement best practices. The role includes performing secure code reviews, conducting threat models, evaluating cloud security controls, and developing patterns to strengthen the firm’s security posture.

Required skills

information security

application security

product security

threat modeling

secure design reviews

penetration testing

OWASP Top 10

NIST standards

PCI compliance

cryptography

risk assessment

source code review

vulnerability assessment

SDLC

cloud security

AWS

Python

Java

project management

Key responsibilities

Partner with business units to evaluate architectural flaws for on-prem/cloud deployments
Collaborate with product management, engineering, and DevOps teams to enhance security controls
Evaluate effectiveness of security controls and recommend improvements
Act as an application security liaison to guide secure software development
Interface with stakeholders to evaluate and communicate security risks
Drive adoption of embedded security controls in Agile SDLC
Provide written and verbal guidance on technology risk management
Promote information security awareness within the region
Develop security patterns and best practices in coordination with global teams

Experience & skills

3–5 years of experience in information security, product/application security, or penetration testing
Knowledge of OWASP Top 10, cloud security vulnerabilities, and standards like NIST, PCI, CIS/SANS
Understanding of cryptographic concepts and secure application design
Experience in threat modeling, security design reviews, source code review, and vulnerability assessments
Strong communication skills to articulate risks to technical and business stakeholders
Program and project management capabilities
Experience working with security architecture, IAM, data loss prevention, penetration testing, and secure systems design
Experience in financial services or fintech is preferred
Knowledge of secure coding in Python, Java, or Go is desirable
Experience with AWS or other cloud technologies is a plus

Apply now

Return to jobs page

Share this posting