About the position
Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and cyber threats. Responsible for detecting and preventing cyber intrusions, developing secure applications and infrastructure, measuring engineering risk, and driving the implementation of engineering risk controls. The team has a global presence across the Americas, APAC, and EMEA. Within Technology Risk, the Digital Risk Office's (DRO) Integrated Risk Management Program elevates Engineering's capabilities to identify, prioritize, and govern engineering thematic risk and remediation. The DRO has established a centralized governance model to oversee the First Line of Defense for Engineering Risk Management and its integration into the firmwide risk management taxonomy and process as well as funding decisions to promote a culture of individual accountability.
Responsibilities
- Collaborate with stakeholders to capture, investigate, and assign overall ownership for issues
- Perform root cause analysis, leveraging quantitative and qualitative methods to determine issue severity
- Work with Engineering colleagues to develop action plans to address root cause(s) for remediation
- Identify dependencies between action plans, ensuring resources are managed appropriately
- Collaborate with various delivery teams to govern and track remediations
- Validate completeness of action plans and ensure that controls are effective prior to closing the issue
- Ensure that key changes to issues are subject to review and approval
- Report and escalate to the appropriate governance forums
- Facilitate lessons learned and continuous process improvement
Requirements
- Experience in enterprise risk management, internal audit, information security, technology risk, or cybersecurity
- Ability to conduct risk analysis, root cause analysis, and action plan development
- Understanding of basic technology concepts (applications, infrastructure, databases, etc.)
- Knowledge of commonly used frameworks (NIST, COBIT, ISO, etc.)
- Strong verbal and written communication skills
- Ability to present with impact and influence
Nice-to-haves
- Experience in program management, project management, or change management
- Knowledge of governance or risk management methodologies
Benefits
- Healthcare & Medical Services
- Competitive vacation policies based on employee level and office location
- Financial support for higher education
- Live financial education and content on a variety of topics
- Medical advocacy service for employees and family members facing critical health situations
- Counseling and referral services through the Employee Assistance Program (EAP)
- Global Medical, Security and Travel Assistance
- Workplace Ergonomics Program
- On-site fitness centers in certain offices
- Reimbursement for fitness club membership or activity fees
- On-site child care centers that provide full-time and emergency back-up care
- Advice and counseling services, expectant parent resources, and transitional programs for parents returning from parental leave
- Adoption, surrogacy, egg donation and egg retrieval stipends
