Technology Risk Issue Management - Digital Risk Office - Vice President - London London Unite ...

Opportunity Overview

CORPORATE TITLE: Vice President

OFFICE LOCATION(S): London

JOB FUNCTION: Risk Governance

DIVISION: Engineering Division

Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and cyber threats. Responsible for detecting and preventing cyber intrusions, developing secure applications and infrastructure, measuring engineering risk, and driving the implementation of engineering risk controls. The team has a global presence across the Americas, APAC, and EMEA.

Within Technology Risk, the Digital Risk Office's (DRO) Integrated Risk Management Program elevates Engineering's capabilities to identify, prioritize, and govern engineering thematic risk and remediation. The DRO has established a centralized governance model to oversee the First Line of Defense for Engineering Risk Management and its integration into the firmwide risk management taxonomy and process as well as funding decisions to promote a culture of individual accountability.

Your Impact

In this position you will work with DRO Leadership and partner with colleagues across Engineering, Operational Risk, and Internal Audit to govern and manage the entire Engineering Issue Management Lifecycle, including identification, evaluation, remediation, closure, change management, and reporting and escalation of engineering issues within the firm. Your role will be critical in building an effective Engineering Issue Management Program in alignment with the firm's Enterprise Risk Management Framework.

Responsibilities Include:

• Collaborate with stakeholders to capture, investigate, and assign overall ownership for issues
• Perform root cause analysis, leveraging quantitative and qualitative methods to determine issue severity
• Work with Engineering colleagues to develop action plans to address root cause(s) for remediation
• Identify dependencies between action plans, ensuring resources are managed appropriately
• Collaborate with various delivery teams to govern and track remediations
• Validate completeness of action plans and ensure that controls are effective prior to closing the issue
• Ensure that key changes to issues are subject to review and approval
• Report and escalate to the appropriate governance forums
• Facilitate lessons learned and continuous process improvement

Basic Qualifications:

• 5+ years of experience in enterprise risk management, internal audit, information security, technology risk, or cybersecurity
• Ability to conduct risk analysis, root cause analysis, and action plan development
• Understanding of basic technology concepts (applications, infrastructure, databases, etc.)
• Knowledge of commonly used frameworks (NIST, COBIT, ISO, etc.)
• Strong verbal and written communication skills
• Ability to present with impact and influence

Preferred Qualifications:

• 2+ years of experience in program management, project management, or change management
• Knowledge of governance or risk management methodologies