Tech Risk – Governance, Regulatory & Engagement – Policy & Control Governance – Associate

YOUR IMPACT

You will be a key addition to the Technology Risk Governance, Regulatory, and Engagement (GRE) team which provides governance over various aspects of the firm’s information security and cyber security program, ensures regulatory obligations are understood and achieved, through the development and monitoring of controls and risks. You will specifically work towards supporting the development, oversight and advancement of the firm’s information and cyber security policies, standards, and controls definitions.

Goldman Sachs has one of the most progressive Technology Risk teams in the industry and is continuing to push the development of risk in preference to security within technology and the business.  Year on year success has led the team to work deeper into the organization and gain valuable insights into how technology needs to function, what its risk really is and how this impacts the business.

 

HOW WILL YOU FULFILL YOUR POTENTIAL? 

Your responsibilities will include advancing the Engineering Division’s information and cyber security control framework and governance processes. You will drive controls, develop their adoption criteria (e.g., risk score, system classification, etc.), govern our control framework, policies/standards and integration with external regulations to ensure the firm stays ahead of threat actors. Your responsibilities will include::

 

• Assisting in high profile, global projects that strengthen the firm’s cybersecurity and technology risk posture
• Identifying areas for improvement in our control / policy framework and drive uplift
• Developing methodology to identify critical assets and sets of applicable controls based on risk 
• Analyzing completeness of control design (e.g. room for auto-measurement, KPIs, adoption across applicable assets, implementation blockers, etc.),
• Analyzing industry frameworks (such as NIST), new external regulations and internal policies/standards to enhance processes, controls and governance,
• Designing and drive control assessment governance (completeness, performance, adequacy, etc.).

 

BASIC QUALIFICATIONS

• Bachelor’s degree, or higher
• Knowledge of, and interest in, technology, information security and/or cybersecurity, risk management and the financial services sector
• Organizational skills with demonstrated ability to manage multiple requests at the same time
• Creative thinking and problem-solving abilities, coupled with a risk management mindset
• Effective communication with technical and non-technical audiences, both verbally and in writing
• Excellent interpersonal skills at all levels and the ability to develop and maintain good relationships
• Ability to prioritize requests and adapt to changing needs in a dynamic work environment
• Outstanding stakeholder management

 

PREFERRED QUALIFICATIONS

• 2-4 years of prior experience in a risk, compliance, regulatory, or information technology/security adjacent role 
• Experience in conducting risk assessments and risk assessment of processes and applications,
• Industry Certifications such as Security+, CISA, CISSP, and CISM are a plus.

  ABOUT GOLDMAN SACHS
  At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world. 
  We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers. 
  We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html
 
  © The Goldman Sachs Group, Inc., 2023. All rights reserved.

Goldman Sachs is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, national origin, age, veterans status, disability, or any other characteristic protected by applicable law.