Technology - GS Bank Tech - Information Security Officer, Governance and Internal Controls

US-NY-New York
Job ID
2017-40400
Schedule Type
Full Time
Level
Vice President/Executive Director
Function(s)
Technology
Americas
Division
Technology
CCBD Technology
Employment Type
Employee

MORE ABOUT THIS JOB

TECHNOLOGY

Our team of engineers builds solutions to the most complex problems. We develop cutting-edge systems and processes that form the core of our key business and enable transactions to move in milliseconds. We provide real-time access to critical deal information and crunch billions of data points each day to inform firm-wide market insights and strategies. Team members have the opportunity to work at the forefront of technology innovation alongside industry leaders and make significant contributions to the field.

 

Our team of engineers builds solutions to the most complex problems. We develop cutting-edge systems and processes that form the core of our key business and enable transactions to move in milliseconds. We provide real-time access to critical deal information and crunch billions of data points each day to inform firm-wide market insights and strategies. Team members have the opportunity to work at the forefront of technology innovation alongside industry leaders and make significant contributions to the field.

 

In Goldman Sachs Bank USA, we offer a wide range of solutions to help our customers meet their financial goals. Our teams seek to provide the highest level of customer service and support in everything we do. The Bank offers high yield savings accounts and a variety of loan products to individuals and private bank, corporate and community clients. Our savings products include an online savings account and certificates of deposit in a variety of terms.

 

The Information Security Officer for GS Bank Technology Risk will be responsible for contributing to and managing the technology risk roadmap and working with broad range of risk partners across the firm to implement/adopt security solutions. In this position, you will have tremendous impact and bring ideas about how to take our Technology Risk team to the next level.

RESPONSIBILITIES AND QUALIFICATIONS

As an Information Security Officer, you will:

  • Build the overall risk profile of the division and work with stakeholders to create a plan towards reducing risk exposure in an agile, collaborative, and well socialized manner
  • Provide advice to business & technology users on (1) understanding of relevant Technology Risk policies and standards and (2) principles of security & controls as defined by the firm's Technology Risk and Control Framework, and (3) adoption of secure and resilient solutions
  • Maintain a thorough understanding of global, regional and local regulatory requirements that have technology impact
  • Perform risk assessments to identify gaps in compliance to information security (application and infrastructure) & BCP standards and policies, for both internal technology solutions as well as solutions provided by third-party service providers
  • Contribute to global, regional and local Technology Risk initiatives aimed at improving our baseline on information protection, resiliency and controls of technology processes and services
  • Provide clear and concise verbal and written recommendations and guidance to both business and technology staff on matters of Technology Risk Management
  • Develop, maintain, and improve Technology Risk Program reflecting new emerging risks
  • Promote and assist in the training & awareness of information security and BCP within the region

Qualifications:

  • 8 or more years of technology experience in one or more of the following areas: Information Security, Technology Governance, Operational Risk, Technology Audit, Technology Infrastructure or Application Development
  • 5 or more years of experience in Information Security, BCP, Technology Controls or Technology Risk Management fields is a significant advantage
  • Strong understanding of the technology implications of regulations
  • Strong program and project management skills and technology expertise
  • Ability to analyze internal and external processes and integration to understand risk.
  • Ability to assess and evaluate corporate risk tolerance and translate into goals and new processes including software engineering, IT teams, and other relevant stakeholders.
  • Understanding of relevant audit and control standards and the ability to drive and maintain the compliance initiative across the organization.
  • Experience collaborating with a team of security experts in a diverse set of security topics including, but not limited to, security architecture, financial controls and regulatory compliance, identity and access management, penetration testing, data loss prevention, network security, security monitoring, white box testing/static code analysis, and building secure systems.
  • Experience with risk management methodologies such as, but not limited to, FAIR.
  • Experience in Financial Industry/Fintech is a plus.

ABOUT GOLDMAN SACHS

The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.


© The Goldman Sachs Group, Inc., 2017. All rights reserved
Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.