Engineering - Technology Risk – Global Regulatory Engagement (GRE) – Associate/Vice President - Singapore/Tokyo

What We Do: 

The Global Regulatory Engagement team resides within firm’s Technology Risk department, which is led globally by the firm’s Chief Information Security Officer (CISO) and regionally by the Head of Technology Risk for Asia Pacific. The Technology Risk department maintains responsibility for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications, measuring cybersecurity risk, and driving implementation of cybersecurity controls. The Global Regulatory Engagement team has three principal objectives: 

(1) efficiently provide timely and accurate information to global regulators regarding the firm’s information security; 

(2) drive security improvements and prioritization based on internal security requirements and regulations if effect in the jurisdictions in which we operate; and 

(3) inform business decisions by providing insights about relevant regulatory trends and changes. Separately, the Global Regulatory Engagement team is responsible for coordinating the development of technology-related policies and standards across the firm. 

Responsibilities:

• Drafting responses to requests for information from Asia Pacific regulators for information security and cybersecurity matters
• Perform gap analysis of new and changing Asia Pacific regulations impacting technology operational risk including but not limited to information security & cybersecurity
• Coordinating engagements with regulators for information security and cybersecurity related topics
• Conducting analyses to identify regulatory trends of relevance to the firm’s business and risk environments
• Preparing presentations and written products on regulatory trends and issues to inform senior leadership 
• Drive Asia Pacific participation in global Technology Risk programs and activities 
• Coordinating with counterparts in other jurisdictions and regional stakeholders (e.g. Legal, Compliance, Operational Risk) to ensure consistent responses across all regulators
• Driving implementation of specific security controls based on internal security priorities and regulatory
• Managing Asia Pacific local/regional audit and regulatory activities relevant to Technology Risk with primary focus on Information Security and Cybersecurity
• Conducting reviews of system access controls to ensure adequate data segregation measures and best practices are in place
• Managing and delivering regional specific control adoption and uplift initiatives from global Technology Risk programs 
• Communicating status and risks in a succinct, direct and open manner for proper issue management life cycle tracking

Basic Qualifications

• Bachelor’s degree or higher 
• Strong writing skills, ideally with published academic or professional articles
• Experience working in Information/Cyber security, IT Risk & Governance from a sizeable multinational organization 
• Strong analytical, interpersonal, problem solving, influencing, organizational and time management skills with sense of ownership and accountability 
• Experience in communicating technology risks to senior audiences both technical and non-technical
• Work effectively both independently and as part of a team, self-motivated and deadline driven 
• The ability to manage multi-task effectively and interact in a matrixed organization is essential
• Knowledge and experience of financial regulatory environment is must for Asia Pacific jurisdiction 
• Good understanding and knowledge of the following Technology areas and their impact on Information Security: 

o           Windows and Unix/Linux operating systems 

o           Network protocols such as TCP/IP, Firewall and IDS/IPS technology 

o           Voice and Audio-Visual platforms 

o           Application security issues such as OWASP Top 10 

o           Industry Certifications such as CISA, CISSP, and CISM are beneficial

• Strong “risk mindset” with consideration to commercial perspectives

Preferred Qualifications

Technical Management

• Balances use of tactical versus strategic solutions when required
• Recommends technology solutions that improve efficiency and lowers operations costs

Process Engineering

• Strong knowledge in development lifecycle approach
• Operations, information technology, or software engineering background required (exposure to formal processes)
• Ability to communicate and enforce standards, process and control

Project Management

• Strong technical project management skills
• Ability to manage multiple programs simultaneously in high pressure environment where change is common place
• Proactively involves key users in all stages of the project life cycle
• Anticipates potential obstacles and develops contingency plans to overcome them
• Manages expectations, building agreement for project milestones, timelines and measures of success
• Ensures the delivery of quality solutions within agreed upon timeframes and budgets

At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.

We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers.

We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html

© The Goldman Sachs Group, Inc., 2025. All rights reserved.
Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity