Asset & Wealth Management – Security Governance – Risk and Compliance – Analyst
| Company | Goldman Sachs |
|---|---|
| Location | Dallas, TX, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | |
| Experience Level | Junior, Mid Level |
Requirements
- 1-3 years of technology experience in one or more of the following areas: Information Security, Technology Governance, Operational Risk, Technology Audit, Technology Infrastructure or Application Development
- Strong understanding of the technology implications of regulations
- Strong program and project management skills and technology expertise
- Ability to analyze internal and external processes and integration to understand risk
- Ability to assess and evaluate corporate risk tolerance and translate into goals and new processes including software engineering, IT teams, and engineering and business stakeholders
- Understanding of relevant audit and control standards and the ability to drive and maintain the compliance initiative across the organization
- Experience collaborating with a team of security experts in a diverse set of security topics including, but not limited to, security architecture, financial controls and regulatory compliance, identity and access management, penetration testing, data loss prevention, network security, security monitoring, white box testing/static code analysis, and building secure systems
Responsibilities
- Build the overall risk profile of the division and work with stakeholders to create a plan towards reducing risk exposure in an agile, collaborative, and well socialized manner
- Provide advice to business & technology users on (1) understanding of relevant Technology Risk policies and standards, (2) principles of security & controls as defined by the firm’s Technology Risk and Control Framework, and (3) adoption of secure and resilient solutions
- Perform risk assessments to identify gaps in compliance to information security (application and infrastructure) & BCP standards and policies, for both internal technology solutions as well as solutions provided by third-party service providers
- Contribute to global, regional and local Technology Risk initiatives aimed at improving our baseline on information protection, resiliency and controls of technology processes and services
- Provide clear and concise verbal and written recommendations and guidance to both business and technology leaders on matters of Technology Risk Management
- Develop, maintain, and improve Technology Risk Program reflecting new emerging risks
- Promote and assist in the training & awareness of information security within the region
- Maintain a thorough understanding of global, regional and local regulatory requirements that have technology impact
Preferred Qualifications
- Experience in Financial Services/Fintech
- Python, Java or equivalent
- Familiarity with common application vulnerabilities like OWASP Top 10