Engineering - Dallas - Vice President - Third Party Risk Governance
WHO WE ARE
The Goldman Sachs Group, Inc. is a leading global financial services firm providing investment banking, securities and investment management services to a substantial and diversified client base that includes corporations, financial institutions, governments, and high-net-worth individuals. The firm is headquartered in New York and maintains offices in London, Frankfurt, Tokyo, Hong Kong, and other major financial centers around the world.
MORE ABOUT THIS JOB
This position provides an opportunity for a dynamic and risk-aware individual to aid in the design and shape the Core Engineering Third Party control framework. The Core Engineering Third Party Risk Management Team is responsible for overseeing aspects of policy implementation, quality assurance, audit facilitation and relative analytics. You will be happy getting into risk level detail alongside designing and implementing a long-term vision for the team and managing our various stakeholders.
RESPONSIBILITIES
- Act as a champion and a primary point of contact for stakeholders across all 3 lines of defence for matters related to the division’s vendor profile.
- Enable the division to comply with the Firmwide Third Party Risk and Control Framework and associated programs.
- Provide active engagement across the full spectrum of risks from introduction of Third Parties to ensure appropriate oversight and governance of first line risk taking activities.
- Engage with Risk Partners across the organization (e.g. Compliance, Technology Risk), as needed, to review control requirements and drive resolution of vendor issues with Vendor Relationship Owners.
- Facilitate disruption testing in partnership with firmwide operational resilience and VROs.
- Develop and provide periodic global and regional reporting on vendor landscape, risks, controls, and overall status of divisional execution against the program requirements.
- Manage internal and external examinations and engagements (regulatory, audit, compliance).
- Equipping Enterprise Vendor Relationship Owners and Divisional Vendor Risk Owners with skills, training, and awareness on their roles.
- Support and help lead aspects of the global Third Party Risk Management Program initiatives and priorities, building capabilities including development of a process inventory, adoption of controls, issue tagging, enhanced new activities, and overall adherence to Enterprise Risk Management Framework elements.
- Manage Third Party incidents when they occur, complete post-mortems and drive actions to closure with Vendor Relationship Owners.
- Champion and advocate for program maturity and development with key partners across the organization, ensuring alignment with the firm’s overall third-party strategy.
- Liaise with central Third Party Vendor Risk Management and Core Engineering Vendor Relationship Owners to drive timely and accurate completion of, and accountability for vendor related diligence and governance in accordance with firmwide policies and standards.
QUALIFICATIONS
- 6 years + experience in the controls/third party risk management domain.
- 3 years + experience managing people (small to mid-size team).
- Ability to influence third party organisations and create change.
- Partnering in due diligence and ongoing monitoring activities including incident/event management.
- Managing ongoing quality of third-party data.
- Designing, reviewing and implementing appropriate KRIs; Perform controls monitoring & testing of such.
- Previous experience with KPI management (including: vendor target/performance, vendors rating cards, manage and track identified risks until closed/resolved).
- Assessing vendor controls as part of the firm’s Risk and Control Self-Assessment process.
- Experience conducting outreach and due diligence assessments for new and existing vendors.
- Must have experience working with Information Technology Vendors/Providers.
- Understanding of IT Security Controls and/or demonstration of controls mindset.
- Understanding of Information Security, Data Privacy, and Compliance principles.
- Experience working with high risk / critical vendors.
- Experience in maturing, developing, or implementing TPRM frameworks.
- Experience working in an enterprise environment.
- Experience in the production and management of reports for senior leadership.
- Excellent stakeholder coordination and project management skills.
PREFERRED QUALIFICATIONS
- Experience leading a control function.
- Experience with data manipulation using Tableau, SQL, PowerBI, etc.
#J-18808-Ljbffr