Engineering-L2-Dallas-Associate-Risk Governance

Tech Risk

• Digital Risk & Assurance

• Governance

• Associate

WHO WE ARE

Led by the Chief Information Security Officer (CISO), Technology Risk is responsible for governing and overseeing the information security and cybersecurity risk and controls landscape for the Firm. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring information security & cybersecurity risk through intelligent tooling, and designing and driving implementation of information security & cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA.

Within Technology Risk, Digital and Risk Assurance is the execution arm, responsible for analyzing, triaging, and reporting on newly discovered risks, supporting Engineering Divisions in risk management, supporting our external audits from a technology standpoint, overseeing internal assessments as well as ensuring the integrity of the environment.

Goldman Sachs has one of the most progressive Technology Risk teams in the industry and is continuing to push the development of risk in preference to security within technology and the business. Year on year success has led the team to work deeper into the organization and gain valuable insights into how technology needs to function, what its risk really is and how this impacts the business.

YOUR IMPACT

You will be a key addition to the Digital Risk & Assurance governance team, which partners with engineering teams across the firm to help them understand what they can do to reduce and manage their risk and make their systems more resilient.

HOW YOU WILL FULFILL YOUR POTENTIAL

Your responsibilities will include governance of the Digital Risk Office programs, inclusive of Engineering remediation efforts, risk insights, and assurance. You will work with all pillars within Technology Risk to understand the risks being identified and their potential impact. You will work with engineering teams to help them understand their complete risk portfolio and how they can reduce risk most effectively. You will partner in programs to reduce risk and improve resiliency across the firm. This will be an opportunity to build broad knowledge of the business and technologies across the entire firm and work with engineers at all levels in the organization.

Responsibilities include:

• Be accountable for driving exceptions to zero, through teamwork, coordination and escalation of newly discovered and existing issues

• Identify and track technology uplifts to manage risk

• Develop fact pattern analysis for exceptions (develop trends and derive root cause for repeat issues)

• Develop procedures and processes for control oversight and monitoring

• Test and validate the design, implementation, and performance of controls

• Continuous reporting and escalation across all activities

BASIC QUALIFICATIONS & SKILLS

• Bachelor's degree

• 2-3 years' experience in Risk Management, Risk Reporting, Audits, Governance, etc.

• Experience with any data analysis/visualization tool such as Excel, Tableau, Power BI, R, SQL, etc.

• Experience with general and cyber security related Information technology controls design and reviews

• Ability to work effectively in a global team environment and drive results in a matrixed organization

• Results oriented, strong sense of ownership and eagerness to learn

• Strong sense of ownership and accountability

• Clear communication skills, both verbally and in writing

• Excellent organization and interpersonal skills

• Experience working as part of a global team

• Attention to detail

• The motivation to assist driving, enhancing and contributing to continual improvement of the firm's Risk and control operations program

• Clear sense of ownership and driven to manage tasks to completion

• Ability to multitask and prioritize work effectively

• Highly motivated self-starter

PREFERRED QUALIFICATIONS

• Industry certifications such as CISA and/or CISSP desired but not essential

• Understanding of information technology audit and control frameworks such as NIST COBIT and ITIL

• Experience with JIRA and development of dashboards/reporting

#TechRiskCybersecurity

ABOUT GOLDMAN SACHS

At Goldman Sachs, we commit our people, capital, and ideas to help our clients, shareholders, and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities, and investment management firm. Headquartered in New York, we maintain offices around the world. We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers. We're committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html

The Goldman Sachs Group, Inc., 2024. All rights reserved. Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity