Technology Risk - Security Engineer (Dallas, TX)

Technology Risk - Security Engineer (Dallas, TX) Goldman Sachs - 3.9 Dallas, TX Job Details 1 hour ago Benefits Disability insurance Health insurance Dental insurance Adoption assistance Parental leave Employee assistance program Life insurance Childcare Qualifications SSO Cloud identity and access management (IAM) Zero Trust security Implementing network security protocols Network design Threat hunting activities Authorization controls implementation IT user and group management Automation GPO OAuth 2.0 Tooling System design Configuration management Security policy Implementation (information security management) Operating system updates Multi-factor authentication (MFA) implementation Endpoint Detection and Response (EDR) 8 years Technical solutions implementation Security system vulnerability testing Patch management System risk assessment (security system operation) Remote access management Security testing methodologies Data access controls implementation Mobile device management Organizational skills MFA Vulnerability management Full Job Description Job Duties Windows Platform Security Engineer to design and maintain comprehensive security controls across enterprise Windows ecosystem. The ideal candidate will possess deep expertise spanning operating system hardening, endpoint protection, identity governance, modern workplace technologies, and hybrid cloud environments. Design, implement, and maintain security baselines and hardening standards across the Windows platform (client and server operating systems). Administer and optimize endpoint security tooling, including EDR/XDR, antivirus, and threat detection solutions. Manage Identity and Access Management (IAM) controls, including authentication, authorization, privileged access, and conditional access policies. Secure modern workplace solutions including Windows Desktops, productivity solutions, and enterprise browser deployments. Architect and enforce network security controls across on-premises and cloud environments, including proxy and web gateway solutions. Collaborate with Infrastructure, Cloud, and Cyber Defense teams to ensure consistent security posture across hybrid environments. Conduct vulnerability assessments and remediation planning. Apply security best practices to harden OSes, maintain secure configurations and reduce host attack surface. Draft security policies, standards and procedures. Contribute to technical and business discussions for security strategy with an emerging threat landscape. Design and develop for shared services, workflows and processes for on-premises and hybrid (on prem + cloud) solutions. Design for integrated security controls, workflows, data protection, authentication and authorization. Design security for monitoring, logging, IAM, encryption, data protection, detection and preventive controls. Advise and design with commercial and open-source security tools and controls. Stay up to date with cybersecurity threats, risks and vulnerabilities with potential impact on services. Skills and Experience At least eight-plus years' experience in Windows platform security or a related role. Proficient with security configuration management tools Ability to influence technical teams, business units and collaborate to reduce attack surface. Capacity to comprehend complex technical infrastructure, identities, access controls and least privilege. Strong written and oral communication skills across varying levels of the organization. Windows Operating System Security In-depth knowledge of Windows OS hardening (Workstations and Windows Servers). Experience with Group Policy (GPO), Security Baselines, and hardening Benchmarks. Endpoint Security Tools Experience with EDR/XDR platforms. Configuration of endpoint protection, threat hunting, and automated remediation. Experience with patch management and endpoint compliance / mobile device management tooling. Identity & Access Management (IAM) Understanding of identity & access management solutions. Implementation of Conditional Access, Multi-Factor Authentication (MFA), and Privileged Identity Management (PIM). Understanding of authentication protocols (Kerberos, NTLM, SAML, OAuth, OpenID Connect). Experience with Single Sign-On (SSO) and identity lifecycle governance. Windows Desktops & Modern Workplace Experience securing Windows Desktop deployments. Knowledge of provisioning policies, security baselines, and access controls for Windows Desktops. Experience with modern workplace productivity tooling on desktop Browser Security Experience managing and securing enterprise browsers Configuration of browser policies, extension governance, and safe browsing controls. Networking & Proxy Solutions Strong understanding of networking fundamentals (TCP/IP, DNS, DHCP, VPN, firewalls). Experience with proxy and secure web gateway solutions. Knowledge of network segmentation, Zero Trust networking, and Secure Access Service Edge (SASE) concepts. Cloud Security Demonstrable experience securing cloud environments. Familiarity with network security groups (NSGs). Understanding of hybrid identity, RBAC, and cloud security posture management (CSPM). Experience managing security across both on-premises and cloud (hybrid) architectures. We Offer Best-In-Class Benefits Healthcare & Medical Insurance We offer a wide range of health and welfare programs that vary depending on office location. These generally include medical, dental, short-term disability, long-term disability, life, accidental death, labor accident and business travel accident insurance. Holiday & Vacation Policies We offer competitive vacation policies based on employee level and office location. We promote time off from work to recharge by providing generous vacation entitlements and a minimum of three weeks expected vacation usage each year. Financial Wellness & Retirement We assist employees in saving and planning for retirement, offer financial support for higher education, and provide a number of benefits to help employees prepare for the unexpected. We offer live financial education and content on a variety of topics to address the spectrum of employees' priorities. Health Services We offer a medical advocacy service for employees and family members facing critical health situations, and counseling and referral services through the Employee Assistance Program (EAP). We provide Global Medical, Security and Travel Assistance and a Workplace Ergonomics Program. We also offer state-of-the-art on-site health centers in certain offices. Fitness To encourage employees to live a healthy and active lifestyle, some of our offices feature on-site fitness centers. For eligible employees we typically reimburse fees paid for a fitness club membership or activity (up to a pre-approved amount). Child Care & Family Care We offer on-site child care centers that provide full-time and emergency back-up care, as well as mother and baby rooms and homework rooms. In every office, we provide advice and counseling services, expectant parent resources and transitional programs for parents returning from parental leave. Adoption, surrogacy, egg donation and egg retrieval stipends are also available. Benefits at Goldman Sachs Read more about the full suite of class-leading benefits our firm has to offer. Opportunity Overview

CORPORATE TITLE

Vice President

OFFICE LOCATION

(S) Dallas

JOB FUNCTION

Technology Risk

DIVISION

Engineering Division