Engineering - Dallas - Associate - Third Party Risk Governance
WHO WE ARE
The Goldman Sachs Group, Inc. is a leading global financial services firm providing investment banking, securities and investment management services to a substantial and diversified client base that includes corporations, financial institutions, governments, and high-net-worth individuals. The firm is headquartered in New York and maintains offices in London, Frankfurt, Tokyo, Hong Kong, and other major financial centers around the world.
MORE ABOUT THIS JOB
This position provides an opportunity for a dynamic and risk-aware individual to aid in the design and shape the Core Engineering Third Party control framework. The Core Engineering Third Party Risk Management Team is responsible for overseeing aspects of policy implementation, quality assurance, audit facilitation and relative analytics. You will be happy getting into risk level detail alongside designing and implementing a long-term vision for the team and managing our various stakeholders.
RESPONSIBILITIES AND QUALIFICATIONS
HOW YOU WILL FULFILL YOUR POTENTIAL
- Act as a key contributor and a primary point of contact for stakeholders across all 3 lines of defence for matters related to the division’s vendor profile.
- Enable the division to comply with the Firmwide Third Party Risk and Control Framework and associated programs.
- Provide best in class support to active engagements across the full spectrum of risks from introduction of Third Parties to ensuring appropriate oversight and governance of first line risk taking activities.
- Engage with Risk Partners across the organization (e.g. Compliance, Technology Risk), as needed, to review control requirements and drive resolution of vendor issues with Vendor Relationship Owners.
- Facilitate disruption testing in partnership with firmwide operational resilience and VROs.
- Develop and provide periodic global and regional reporting on vendor landscape, risks, controls, and overall status of divisional execution against the program requirements.
- Manage internal and external examinations and engagements (regulatory, audit, compliance).
- Equipping Enterprise Vendor Relationship Owners and Divisional Vendor Risk Owners with skills, training, and awareness on their roles.
- Support and help lead aspects of the global Third Party Risk Management Program initiatives and priorities, building capabilities including development of a process inventory, adoption of controls, issue tagging, enhanced new activities, and overall adherence to Enterprise Risk Management Framework elements.
- Manage Third Party incidents when they occur, complete post-mortems and drive actions to closure with Vendor Relationship Owners.
- Champion and advocate for program maturity and development with key partners across the organization, ensuring alignment with the firm’s overall third-party strategy.
- Liaise with central Third Party Vendor Risk Management and Core Engineering Vendor Relationship Owners to drive timely and accurate completion of, and accountability for vendor related diligence and governance in accordance with firmwide policies and standards.
SKILLS AND EXPERIENCE WE ARE LOOKING FOR
- 3 years + experience in the controls/third party risk management domain.
- Desire to influence third party organisations and create change.
- Partnering in due diligence and ongoing monitoring activities including incident/event mgmt.
- Managing ongoing quality of third-party data.
- Reviewing and reporting on appropriate KRIs; Perform controls monitoring & testing.
- Reviewing and reporting on appropriate KPIs; Perform monitoring and provide analysis to Core Engineering Third Party Risk Governance Management team.
- Assessing vendor controls as part of the firm’s Risk and Control Self-Assessment process.
- Ability to conduct outreach and due diligence assessments for new and existing vendors.
- Experience working with Information Technology Vendors/Providers is a plus.
- Understanding of IT Security Controls and/or demonstration of controls mindset.
- Experience working with high risk/critical vendors is a plus.
- Experience abiding by and/or enforcing TPRM frameworks.
- Experience working in an enterprise environment.
- Experience in the production and management of reports for senior leadership.
- Solid written and verbal communication skills.
- Detail oriented, organized and focused.
PREFERRED QUALIFICATIONS
- Experience leading a control function.
- Experience with data manipulation using Tableau, SQL, PowerBI, etc.
#J-18808-Ljbffr