Tech Risk Advisory Red Team Operator AssociateVice President Warsaw

Who we are

Led by the Chief Information Security Officer (CISO) Technology Risk (TR) protects Goldman Sachs from cyber threats by strengthening detection and prevention capabilities improving the security of applications and infrastructure building software to support security operations measuring cybersecurity risk and designing security controls. TR operates globally across the Americas APAC India and EMEA.

Within TR the Red Team conducts periodic threat intelligence led assessments that emulate real adversaries to evaluate security controls in realistic conditions. Engagements include both:

• Red team assessments to measure end to end resilience against adversary behaviors
  
• Purple team exercises to collaborate with defenders validate detections and rapidly translate findings into durable improvements.
  

The team also researches emerging techniques and invests in the engineering needed to operate safely and repeatably including lab environments tooling and attack simulation infrastructure to ensure assessments remain current and actionable.

Your impact

You will help to deliver high impact Red and Purple Team engagements that meaningfully improve security outcomes at Goldman Sachs. Working from threat intelligence and real-world attacker tradecraft you will emulate credible adversaries identify gaps across people process and technology and help to drive the fixes that reduce risk.
This role focuses on strengthening detection response and prevention through rigorous well scoped testing and clear communication of results to both technical teams and senior stakeholders.

How you will fulfill your potential

You will help plan and execute advanced security assessments against infrastructure and customer facing products informed by the latest threat landscape. You will apply creativity and sound engineering judgment to simulate realistic adversary behaviors while operating with strong risk discipline appropriate for production environments.

Key Responsibilities

• Execute threat intelligence led red team and purple team engagements using frameworks such as MITRE ATT&CK.
• Scope engagements with clear objectives constraints and safety controls aligned to documented rules of engagement.
• Test and validate security controls including detection and response capabilities and document outcomes with evidence.
• Partner with defenders and engineers to translate findings into prioritized measurable remediation plans.
• Contribute to the evolution of playbooks rules of engagement reporting standards and repeatable execution processes.
• Maintain and enhance tooling and assessment infrastructure to support safe scalable and current testing.
• Communicate results clearly including risk context business impact and practical mitigations.
  

Basic Qualifications

• 3 years of experience participating in red team engagements adversary emulation penetration testing or purple teaming.
• Working knowledge of the MITRE ATT&CK framework.
• Experience with threat modelling and security assessment methodologies.
• Familiarity with security standards and guidance such as OWASP testing resources and NIST publications.
• Strong written and verbal communication skills with the ability to explain technical risk to varied audiences.
  

Preferred Qualifications

• CREST certifications or equivalent industry credentials.
• Offensive Security certifications (for example OSCE or OSEP).
• Relevant SANS training in penetration testing red teaming or purple teaming.
• Experience with common security testing tooling (for example Burp Suite Metasploit and Cobalt Strike) and the ability to build lightweight proof of concept tooling or automation (Python PowerShell ).
• Broad knowledge of network application and operating system security risks.
• Degree in Computer Science Computer Engineering Cybersecurity or Information Security or equivalent practical experience.
• Background in software development system design cryptography fundamentals or secure architecture.