WHO WE ARE

Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA.
Within Technology Risk, the Global Cyber Defense and Intelligence (GCDI) identifies malicious activity and investigates and manages threats across the firm. We are a team of security, software, and product engineers that allow the firm to respond appropriately to firm risks using detection models, security architecture, and cutting-edge cyber threat analysis to manage internal and external threats against the firm.
The GCDI Governance & Risk Management function leads the groups effort to effectively implement and maintain a sustainable and robust cyber security governance framework. Aligning risk management strategies with business objectives, driving key technology risk initiatives and ensuring timely compliance with regulatory responses and internal policies and standards globally.

YOUR IMPACT

If you are looking for a position that encompasses a wide range of responsibilities and utilizes your stakeholder engagement, communication and problem-solving skills, and with the ability to adapt quickly to changing priorities, then joining our team is an exciting opportunity for you.
Building strong partnerships with GCDI leadership, Governance, Regulatory and Audit teams as well as key stakeholders across Technology Risk, Engineering, Operational Risk and Internal Audit, the role requires ability to solve complex and challenging problems, aligning GCDI strategy with business objectives in a rapidly changing environment. Maintaining a robust cyber security governance framework, aligning risk management strategies with business objectives, driving key technology risk initiatives and ensuring timely compliance with regulatory responses and internal policies and standards globally are all key to be successful in this role

BASIC QUALIFICATIONS

• Bachelor’s degree with 7+ years of experience in enterprise risk management, business management and operations.
• Prior experience working within an engineering or cybersecurity environment preferred.
• Proven experience in managing risk in a fast paced, global and highly regulated environment
• Strong and demonstrable understanding of ever-evolving governance and risk management methodologies, within the context of the regulatory environment for financial services
• Strong analytical, interpersonal, problem solving, influencing, and organizational skills with sense of ownership and accountability
• Strong verbal and written communication skills especially in relation to communicating status, risks and technical concepts in a succinct, direct, and open manner for all levels of the organization.
• Demonstrates experience in effective ongoing program management, including continuous program improvement over time
• Excellent verbal and written communication skills, with an ability to clearly explain complex technical challenges
• Attention to detail and ability to effectively prioritize workload
• Experience in working collaboratively across functions and business units globally, including stakeholders across all three lines of defenseKnowledge of zero based budgeting activities would be beneficial

PREFERRED QUALIFICATIONS

• Bachelor’s degree preferably in Computer Science, Management Information Systems, Cyber/Information Security or similar
• Demonstrable risk management experience
• Experience of cybersecurity regulatory oversight and external or internal audit processes
• Demonstrated understanding and experience of cybersecurity concepts
• Good understanding of cyber and information security controlsIndustry Certifications such as Security+, CISA, CISSP, and CISM are a plus.
• 
  

  TechRiskCybersecurity #EnterpriseRiskManagement #IssueManagementLeader

Please refer the Job description for details