Tech Risk - Governance, Regulatory & Engagement - Policy & Control Governance - Vice President

YOUR IMPACT

You will be a key addition to the Technology Risk Governance, Regulatory, and Engagement (GRE) team which provides governance over various aspects of the firm's technology risk management program, ensures regulatory obligations are understood and achieved, through the development and monitoring of controls and risks. You will specifically work towards supporting the development, oversight and advancement of the firm's technology, data and information and cyber security policies, standards, and controls definitions.

Goldman Sachs has one of the most progressive Technology Risk teams in the industry and is continuing to push the development of risk in preference to security within technology and the business. Year on year success has led the team to work deeper into the organization and gain valuable insights into how technology needs to function, what its risk really is and how this impacts the business.

HOW WILL YOU FULFILL YOUR POTENTIAL?

Your responsibilities will include advancing the Engineering Division's information and cyber security / technology control framework and governance processes. You will drive controls, develop their adoption criteria (e.g., risk score, system classification, etc.), govern our control framework, policies/standards and integration with external regulations to ensure the firm stays ahead of threat actors. Your responsibilities will include:

• Participating in high profile, global projects that strengthen the firm's cybersecurity and technology risk posture
• Driving areas for improvement in our control framework and drive uplift
• Developing the methodology to enhance the firm's technology standards and policies, this includes identifying a mechanism to ensure measurability and adoption of identified controls,
• Analyzing information security frameworks, external regulations and internal policies/standards to enhance processes and controls coverage,
• Driving the design and implementation of control assessment governance (completeness, performance, adequacy, etc.).

BASIC QUALIFICATIONS

• Bachelor's degree, or higher
• 8+ years of prior experience in a risk, compliance, regulatory, or information technology/security adjacent role
• Basic project management and organizational skills with demonstrated ability to manage multiple requests at the same time
• Excellent interpersonal skills at all levels and the ability to develop and maintain good relationships
• Ability to work independently or within a group to analyze challenges and propose solutions
• Ability to prioritize requests and adapt to changing needs in a dynamic work environment
• Outstanding stakeholder management
• Creative thinking and problem-solving abilities, coupled with a risk management mindset
• Effective communication with technical and non-technical audiences, both verbally and in writing
  
  

PREFERRED QUALIFICATIONS

• Understanding of global regulations relevant to information security
• Experience working with information and cyber security policies, standards and control definitions
• Understanding and experience with technology control frameworks such as NIST, ISO:27001 and CIS
• Industry Certifications such as Security+, CISA, CISSP, and CISM are a plus.

The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.