Technology Risk - Asset Management
A career with Goldman Sachs Asset Management is an opportunity to help clients across the globe realize their potential, while you discover your own. As part of one of the world's leading asset managers with over $2 trillion in assets under supervision, you can expect to participate in exciting investment opportunities while collaborating with talented colleagues from all asset classes and regions, and building meaningful relationships with your clients. Working in a culture that values integrity and transparency, you will be part of a diverse team that is passionate about our craft, our clients, and building sustainable success. Bringing together traditional and alternative investments, Goldman Sachs Asset Management provides clients around the world with a dedicated partnership and focus on long-term performance. As primary investment area within Goldman Sachs, we provide investment and advisory services for pension plans, sovereign wealth funds, insurance companies, endowments, foundations, financial advisors and individuals. Team Description:
The Regulatory & Controls team resides within firm's Technology Risk department, which is led globally by the firm's Chief Information Security Officer (CISO) and regionally by the Head of Technology Risk for Asia Pacific. The Technology Risk department maintains responsibility for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications, measuring cybersecurity risk, and driving implementation of cybersecurity controls. The Regulatory & Controls team has three principal objectives: (1) efficiently provide timely and accurate information to global regulators regarding the firm's information security; (2) drive security improvements and prioritization based on internal security requirements and regulations if effect in the jurisdictions in which we operate; and (3) inform business decisions by providing insights about relevant regulatory trends and changes. Separately, the Regulatory & Controls team is responsible for coordinating the development of technology-related policies and standards across the firm. Responsibilities:
- Drafting responses to requests for information from Chinese regulators for information security and cybersecurity matters.
- Perform gap analysis of new and changing Chinese regulations impacting technology operational risk including but not limited to information security & cybersecurity.
- Coordinating engagements with regulators, including periodic reporting, preparation of presentations and written deliverables for information security and cybersecurity related topics.
- Conducting analyses to identify regulatory trends of relevance to the firm's business and risk environments.
- Preparing presentations and written products on regulatory trends and issues to inform senior leadership.
- Coordinating with counterparts in other jurisdictions and regional stakeholders (e.g. Legal, Compliance, Operational Risk) to ensure consistent responses across all regulators.
- Driving implementation of specific security controls based on internal security priorities and regulatory requirements.
- Managing China local/regional audit and regulatory activities relevant to Technology Risk with primary focus on Information Security and Cybersecurity.
- Conducting risk reviews of business and engineering initiated projects to ensure adequate security controls and best practices are in place.
- Communicating status and risks in a succinct, direct and open manner for proper issue management life cycle tracking.
- As needed, support development of engineering related policies and standards in China.
- Bachelor degree or higher
- 5+ years in one or more of the following areas: Information Security, Technology Governance, Operational Risk, Technology Audit, Technology Infrastructure or Application Development or have a current relevant certification.
- Strong writing skills, ideally with published academic or professional articles Exceptional attention to detail.
- Experience working in Information/Cyber security, IT Risk & Governance from a sizeable multinational organization.
- Strong analytical, interpersonal, problem solving, influencing, organizational and time management skills.
- Experience in communicating technology risks to senior audiences both technical and non-technical.
- Strong sense of ownership and accountability.
- Strong English communication skills, both verbally and in writing.
- Native-level Chinese mandarin language abilities (read, write and speak).
- Excellent presentation skills.
- Work effectively both independently and as part of a team, self-motivated and deadline driven.
- The ability to manage multi-task effectively and interact in a matrixed organization is essential.
- Knowledge and experience of financial regulatory environment is a must for China, and as an advantage for other jurisdiction within Asia Pacific.
- Good understanding and knowledge of the following Technology areas and their impact on Information Security:
- Windows and Unix/Linux operating systems
- Network protocols such as TCP/IP, Firewall and IDS/IPS technology
- Voice and Audio-Visual platforms
- Application security issues such as OWASP Top 10
- Industry Certifications such as CISA, CISSP, and CISM are beneficial
- Strong "risk mindset" with consideration to commercial perspectives
- Technical Management
- Balances use of tactical versus strategic solutions when required
- Assists in technical evaluations and vendor management relationships
- Recommends technology solutions that improve operation standards and lowers operations costs
- Process Engineering
- Strong knowledge in development lifecycle approach
- Operations, information technology, or software engineering background required (exposure to formal processes)
- Ability to communicate and enforce standards, process and control
- Project Management
- Strong technical project management skills
- Ability to manage multiple programs simultaneously in high pressure environment where change is common place
ABOUT GOLDMAN SACHS
At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.
We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers .
We're committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https:// www.goldmansachs.com/careers/footer/disability-statement.html
© The Goldman Sachs Group, Inc., 2021. All rights reserved.
Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity