Internal Audit-London-Vice President-Technology Audit
- Employer
- Goldman Sachs
- Location
- London, United Kingdom
- Salary
- Competitive
- Closing date
- Jun 8, 2023
View more
- Job Function
- Banking
- Industry Sector
- Finance - General
- Employment Type
- Full Time
- Education
- Bachelors
You need to sign in or create an account to save a job.
Internal Audit - Technology Risk & Cybersecurity, Vice President/Executive Director
The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments, and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world. We commit people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Our people are our greatest asset - we say it often and with good reason. It is only with the determination and dedication of our people that we can serve our clients, generate long-term value for our shareholders and contribute to the broader public. We take pride in supporting each colleague both professionally
and personally. From collaborative workspaces and ergonomic services to wellbeing and resilience offerings, we offer our people the flexibility and support they need to reach their goals in and outside the office
INTERNAL AUDIT
In Internal Audit, we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports, monitoring the firm's compliance with laws and regulations, and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes.
WHAT WE LOOK FOR
Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical, exercise professional skepticism and are able to challenge and discuss effectively with management on risks and control measures. We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, building relationships and are able to evolve and thrive in teamwork and in a fast-paced global environment.
YOUR IMPACT
As the third line of defense, Internal Audit's mission is to independently assess the firm's internal control structure, including the firm's governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management's control measures. In doing so, internal Audit:
Communicates and reports on the effectiveness of the firm's governance, risk
Management and controls that mitigate current and evolving risk
Raise awareness of control risk
Assesses the firm's control culture and conduct risks
Monitors management's implementation of control measures
Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants, developers, risk management professionals, cybersecurity
professionals, and data scientists. We are organized into global teams comprising business and technology auditors to cover all the firm's businesses and functions, including securities, investment banking, consumer and investment management, risk management, finance, cyber-security and technology risk, and engineering.
RESPONSIBILITIES
o Analyze the design of controls around the underlying system architecture in the context of information technology controls such as security, availability and performance and their impact on business-aligned technology groups.
o Analyze the business and technology processes to evaluate the effectiveness of the relevant technology controls.
o Validate that system features meet business, technology and regulatory requirements.
o Validate the quality of internal SOX assessments.
SKILLS AND RELEVANT EXPERIENCE
o Internet infrastructure design and installation and support of network devices and firewalls
o Cloud computing concepts, technologies, risks and mitigating controls
o Systems and security administration and configuration of servers and desktops (UNIX, Windows, directory services etc.)
o Security risks related to web, mobile, web services, and client/server architectures
o Encryption schemes (symmetric, asymmetric, and hashing) and how they may be applied in an application architecture
o Vulnerability assessment and penetration testing methodologies and processes for web, thick client and mobile applications
o Experience with Splunk and/or other SIEM platforms would be useful but not required
o Threat modelling, intelligence and incident response
o Management, monitoring and operations of technology (backups, change management, system monitoring, incident/problem Management)
o Business continuity planning and disaster recovery design and implementation
o Security within the software development lifecycle
o Relevant technology standards and regulations - NIST Cyber Security Framework, FFIEC CAT, ISO 27001, GDPR, NYSDFS, data privacy rules, FFIEC
IT handbooks etc.
o Data and log analysis (using SQL and Splunk) and visualisation (using Spotfire, Tableau, QlikView or other) would be useful but not required
o Relevant certification or industry accreditation (CISA, CISSP, CISM, etc.) useful but not required
At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.
We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers.
We're committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more:
https://www.goldmansachs.com/careers/footer/disability-statement.html
© The Goldman Sachs Group, Inc., 2021. All rights reserved.
Goldman Sachs is an equal employment/affirmative action employer
Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity
The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments, and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world. We commit people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Our people are our greatest asset - we say it often and with good reason. It is only with the determination and dedication of our people that we can serve our clients, generate long-term value for our shareholders and contribute to the broader public. We take pride in supporting each colleague both professionally
and personally. From collaborative workspaces and ergonomic services to wellbeing and resilience offerings, we offer our people the flexibility and support they need to reach their goals in and outside the office
INTERNAL AUDIT
In Internal Audit, we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports, monitoring the firm's compliance with laws and regulations, and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes.
WHAT WE LOOK FOR
Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical, exercise professional skepticism and are able to challenge and discuss effectively with management on risks and control measures. We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, building relationships and are able to evolve and thrive in teamwork and in a fast-paced global environment.
YOUR IMPACT
As the third line of defense, Internal Audit's mission is to independently assess the firm's internal control structure, including the firm's governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management's control measures. In doing so, internal Audit:
Communicates and reports on the effectiveness of the firm's governance, risk
Management and controls that mitigate current and evolving risk
Raise awareness of control risk
Assesses the firm's control culture and conduct risks
Monitors management's implementation of control measures
Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants, developers, risk management professionals, cybersecurity
professionals, and data scientists. We are organized into global teams comprising business and technology auditors to cover all the firm's businesses and functions, including securities, investment banking, consumer and investment management, risk management, finance, cyber-security and technology risk, and engineering.
RESPONSIBILITIES
- Assist / Lead the risk assessment, scoping and planning of a review.
- Assist / Lead in executing the review. Specifically focusing on the following:
o Analyze the design of controls around the underlying system architecture in the context of information technology controls such as security, availability and performance and their impact on business-aligned technology groups.
o Analyze the business and technology processes to evaluate the effectiveness of the relevant technology controls.
o Validate that system features meet business, technology and regulatory requirements.
o Validate the quality of internal SOX assessments.
- Document the results of the test steps executed within the IA automated document project repository.
- Assist/Lead in the report preparation
- Assist/Lead in presenting the scope, progress and results of the review to internal, technology and business stakeholders.
SKILLS AND RELEVANT EXPERIENCE
- 5+ years' work experience, and a degree in Computer Science, Information Security, Engineering or equivalent discipline.
- Technology skills including:
o Internet infrastructure design and installation and support of network devices and firewalls
o Cloud computing concepts, technologies, risks and mitigating controls
o Systems and security administration and configuration of servers and desktops (UNIX, Windows, directory services etc.)
o Security risks related to web, mobile, web services, and client/server architectures
o Encryption schemes (symmetric, asymmetric, and hashing) and how they may be applied in an application architecture
o Vulnerability assessment and penetration testing methodologies and processes for web, thick client and mobile applications
o Experience with Splunk and/or other SIEM platforms would be useful but not required
o Threat modelling, intelligence and incident response
o Management, monitoring and operations of technology (backups, change management, system monitoring, incident/problem Management)
o Business continuity planning and disaster recovery design and implementation
o Security within the software development lifecycle
o Relevant technology standards and regulations - NIST Cyber Security Framework, FFIEC CAT, ISO 27001, GDPR, NYSDFS, data privacy rules, FFIEC
IT handbooks etc.
o Data and log analysis (using SQL and Splunk) and visualisation (using Spotfire, Tableau, QlikView or other) would be useful but not required
o Relevant certification or industry accreditation (CISA, CISSP, CISM, etc.) useful but not required
- Ability to work effectively across a large audit team, understanding the team's role in the overall strategy of the firm.
- Written and verbal communication skills a must; strong interpersonal skills essential. Job requires frequent interaction with technology management.
- Must be able to multitask while managing both time and work load.
- Must be highly motivated with strong analytical skills, willing and able to learn new business and system processes quickly.
At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.
We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers.
We're committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more:
https://www.goldmansachs.com/careers/footer/disability-statement.html
© The Goldman Sachs Group, Inc., 2021. All rights reserved.
Goldman Sachs is an equal employment/affirmative action employer
Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity
You need to sign in or create an account to save a job.
Sign in to create job alerts
Sign in or create an account to start creating job alerts and receive personalised job recommendations straight to your inbox.
Create alert