Technology Risk - Risk Analyst
MORE ABOUT THIS JOB BUSINESS UNIT OVERVIEW Technology Risk identifies, prioritizes, and drives efficient management of technology risks across the firm. Within Technology Risk, Tech Risk Assurance is the execution arm, responsible for analyzing, triaging and reporting on newly discovered risks, supporting Engineering Divisions in risk management, as well as ensuring the integrity of the environment.
ROLE This position will primarily focus on the Technology Risk management and its governance aspects of CCM (Continuous Controls Monitoring), Control Incident Management, and Risk Issue programs within the Technology Risk team.
This is a position working within a global team, but with a regional focus, demanding flexible and broad involvement in our various Technology Risk domains, such as:
- Control Incident Management governance
- Risk Issue Management (reviewing and reporting on systemic issues)
- Continuous Controls Monitoring (ensuring parity across the environment and over time)
- Regional Reporting
- Control Uplift
RESPONSIBILITIES AND QUALIFICATIONS RESPONSIBILIITES - Ability to perform risk assessments across various technology components
- Develop procedures and processes for control oversight and monitoring
- Make informed risk decisions on new issues (vulnerabilities, violations, etc.)
- Be accountable for driving exceptions to zero, through teamwork, coordination and escalation of newly discovered and existing issues
- Continuous control monitoring for compliance of key controls
- Have the ability to leverage other resources outside of the immediate team
- Understand that the role is a control role which, by definition, encounters resistance from developers and system administrators
- Escalate issues appropriately and in a timely manner
- Develop fact pattern analysis for exceptions. (develop trends and derive root cause for major exploits or repeat issues)
- Define clear, meaningful metrics for measuring compliance with our policies and standards
Basic Qualifications - Bachelor's degree or higher required
- 2+ years' experience in Risk Management, Risk Reporting, Audits, Governance, etc.
- Industry certifications such as CISA and/or CISSP desired but not essential
- Experience with any data analysis/visualization tool like Tableau, Power BI, R, Excel, SQL, etc.
Core Skills - Ability to work independently, analyze problems and make decisions with minimal management intervention
- Communicates status and risks in a direct and open manner
- Communicates and demonstrates the need for controls and measurement
- Understanding of metrics concepts and processes is preferred
- Strong analytical, communication, interpersonal, problem solving, organizational and time management skills
- Good influencing skills at all levels and the ability to develop and maintain good relationships
- Strong sense of ownership and accountability
ABOUT GOLDMAN SACHS Successful candidate in this role will demonstrate support in execution of our control polices, as well as influence policies and standards to address discovered risks. Additionally, the individual will contribute to the deployment of new policies and standards, through the use of our standard metrics and reporting, as a means of gauging success.
