Internal Audit – Technology Audit – GBM Engineering Operations Resilience
| Company | Goldman Sachs |
|---|---|
| Location | Salt Lake City, UT, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior, Expert or higher |
Requirements
- 7+ years’ work experience, and a degree in Computer Science, Information Security, Engineering, or equivalent discipline.
- Comprehensive knowledge of operational resilience including operational risk management, business continuity planning and testing, third party dependency management, incident and crisis management.
- Knowledge of financial markets, products and services.
- Experience with Data Analytics tools and techniques.
- Cloud security / risk concepts, architecture, controls, implementation, and assessment.
- Knowledge of security within the software development lifecycle, vulnerability assessments, penetration testing methodologies and processes, and security risks related to web, mobile, serverless and containerized applications, and network infrastructure.
- Relevant technology standards and regulations – FRB Sound Practices to Strengthen Operational Resilience, Bank of England PS21/3, NIST Cyber Security Framework, Cloud Security Alliance CCM, FFIEC CAT, ISO 27001, GDPR, NYSDFS, data privacy rules, FFIEC IT handbooks etc.
- Ability to work effectively across a large audit team, understanding the team’s role in the overall strategy of the firm.
- Written and verbal communication skills a must; strong interpersonal skills essential. Job requires frequent interaction with technology management.
- Must be able to multitask while managing both time and workload.
- Must be highly motivated with strong analytical skills, willing and able to learn new business and system processes quickly.
Responsibilities
- Communicates and reports on the effectiveness of the firm’s governance, risk management and controls that mitigate current and evolving risk
- Raise awareness of control risk
- Assesses the firm’s control culture and conduct risks
- Monitors management’s implementation of control measures
- Performing regular risk assessments for the area of coverage
- Regularly meeting the business/engineering stakeholders and building strong relationships with management
- Continuously monitoring business and technology developments
- Monitoring regulatory requirements and developments, as well as industry standards
- Performing and leading audit work, including defining the scope of risks and controls assessment of controls design and effectiveness, reviewing audit work and reporting findings to internal and external management
- Validating the closure of management action points
- Managing, coaching and developing team members
Preferred Qualifications
- Ability to review/develop code (Java, C++, Python, etc.) – NICE TO HAVE NOT REQUIRED