Posted 8 days ago
No clicks
**VP, Workplace Security Engineer/Lead - Systems Engineering** Lead our **Workplace Security Engineering** team, driving security architecture, design, and risk governance for modern workplace environments. Key responsibilities include: - **Architecture & Design**: Define security reference architectures for cloud desktop, identity, and endpoint management. Ensure designs align with firm standards and regulations. - **Risk & Governance**: Collaborate with Technology Risk to support architecture reviews, risk assessments, and remediation planning. - **Control Engineering & Assurance**: Own security design approvals, produce control documentation, and support audit activities. Ensure controls are defensible and measurable under audit. - **Endpoint, Identity & Data Protection**: Govern secure design of endpoint onboarding, identity-centric access controls, and data protection across physical, virtual, and cloud desktops. Required **experience**: - 4–10 years in workplace engineering, security engineering, or risk-aligned roles - Strong experience with Windows-based desktop environments (cloud-hosted or virtual) - Familiarity with cloud identity, endpoint management, and information protection tooling - Proven experience working with Technology Risk, Audit, or Governance teams Preferred **skills**: - Experience securing cloud-hosted digital workplace platforms - Understanding of zero trust and identity-centric security architectures - Ability to balance engineering pragmatism with risk discipline **Location**: Warsaw, Mazowieckie, Poland **What Success Looks Like**: - Workplace platforms delivered with approved security architectures - Clear evidence for Technology Risk and regulatory interactions - Engineering teams receiving practical, design-time security guidance
- Compensation
- Not specified
- City
- Warsaw
- Country
- Poland
Currency: Not specified
Full Job Description
The Workplace Engineering organization is responsible for designing, securing, and operating the firms digital workplace platforms, including cloudhosted desktops, endpoint management, identity services, productivity and collaboration services, and data security and compliance capabilities.
Within this organization, Workplace Security Engineering partners closely with Technology Risk, Cyber Security, and Audit teams to ensure workplace platforms are secure by design, compliant with firm standards, and able to meet regulatory and audit expectations throughout their lifecycle.
Role SummaryWe are seeking a Workplace Security Engineer to focus on security architecture, control design, and risk governance for modern workplace environments, including cloud desktop platforms, cloud identity services, endpoint management, and information protection and compliance tooling.
This role sits at the intersection of system engineering, security architecture, and technology risk. The successful candidate will translate risk and control requirements into practical platform designs, lead security design reviews and approvals, and ensure workplace solutions are delivered with clear control ownership, traceability, and auditready evidence.
The role works closely with Technology Risk(TR), enterprise security teams, and platform engineers to support architecture reviews, risk assessments, control attestations, and remediation activities across both onpremise and cloudhosted workplace environments.
Job Responsibilities Platform Security & Architecture- Act as a security design authority for digital workplace platforms, including cloud desktops, cloud identity, endpoint management, and cloud productivity services
- Define and review security reference architectures, control patterns, and guardrails for endpoint, identity, access, data protection, and compliance capabilities
- Ensure platform designs align with firm security standards, zero trust principles, and regulatory requirements
- Assess new workplace capabilities and architectural changes for security, risk, and control impact
- Partner closely with Technology Risk Management to:
- Support architecture and design reviews
- Contribute to risk assessments and threat modeling
- Respond to risk challenge, control testing, and remediation planning
- Own or contribute to formal security design approvals for new or materially changed workplace solutions
- Translate highlevel policies and risk statements into implementable and testable technical controls
- Ensure workplace security controls are:
- Designed intentionally (not implicit)
- Implemented consistently
- Measurable and defensible under audit
- Produce and maintain control documentation, including:
- Architecture diagrams
- Control narratives
- Supporting technical evidence
- Support audit, regulatory, and compliance activities, including walkthroughs and evidence requests
- Partner with engineering teams to close control gaps and risk findings
- Govern secure design of:
- Cloudmanaged endpoint onboarding and configuration
- Identitycentric access controls and device trust signals
- Data classification, retention, eDiscovery, and data loss prevention
- Ensure consistent application of hardening standards, configuration baselines, and policy enforcement across physical, virtual, and cloud desktops
- Review integrations between workplace platforms and downstream services from a security and datahandling perspective
- Work across Workplace Engineering, Cyber Security, Technology Risk, and Audit teams
- Act as a trusted advisor to platform and product owners
- Communicate complex technical and risk concepts clearly to technical, risk, and executive stakeholders
- 410 years of experience in workplace engineering, security engineering, platform security, or riskaligned engineering roles
- Strong experience with Windowsbased desktop environments, including cloudhosted or virtual desktop models
- Proven experience working with Technology Risk, Audit, or Governance teams
- Strong understanding of security control design (preventive, detective, corrective)
- Experience creating architecturegrade and auditready documentation
- Excellent written and verbal communication skills
- Experience securing cloudhosted digital workplace platforms
- Strong familiarity with:
- Cloud identity and access management models
- Endpoint management and configuration enforcement
- Information protection, data governance, and compliance tooling
- Experience supporting regulated environments with formal risk and audit processes
- Understanding of zero trust and identitycentric security architectures
- Ability to balance engineering pragmatism with risk discipline
- Workplace platforms are delivered with approved security architectures
- Technology Risk teams have confidence in control coverage and implementation
- Audit and regulatory interactions are supported by clear, defensible evidence
- Engineering teams receive practical, designtime security guidance
- Security and risk considerations are embedded early and consistently
We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers.
Were committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html
