MORE ABOUT THIS JOB WHO WE ARE The Goldman Sachs Group, Inc. is a leading global financial services firm providing investment banking, securities and investment management services to a substantial and diversified client base that includes corporations, financial institutions, governments and high-net-worth individuals. The firm is headquartered in New York and maintains offices in London, Frankfurt, Tokyo, Hong Kong and other major financial centres around the world.
In Internal Audit, we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports, monitoring the firm's compliance with laws and regulations, and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. We're looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firm's operations and control processes.
RESPONSIBILITIES AND QUALIFICATIONS BUSINESS UNIT OVERVIEW
Internal Audit independently assesses the firm's internal control structure, which is designed to provide reasonable assurance that financial reporting is reliable, there is compliance with applicable laws and regulations and the firm's operations are effectively controlled. Internal Audit also raises awareness of control risk, provides advice to management in developing control solutions and monitors the implementation of m anagement's control measures. Internal Audit reports to the Audit Committee and is responsible for supporting the Audit Committee and the Board of Directors in fulfilling their oversight responsibilities. In addition I nternal Audit regularly interacts with the external independent auditors and the firm's regulators.
The Platforms Technology audit team performs reviews of technology risks and controls within a challenging, dynamic and complex business and technology environment. The team covers core technology infrastructure platforms (cloud computing, database and big data), end user platforms (desktop, collaboration, e-Mail/messaging and web technologies), enterprise platforms (software development/sdlc, job scheduling and workflow technologies) and lastly production operations. A strong background in technology engineering and a proven technology audit background are necessary. Experience in cybersecurity is a plus.
Participation in planning and scoping reviews through meeting with key people within the review area to understand the underlying system architecture in the context of information technology controls and their impact on the business to identify the key risks and controls to be assessed.
Preparation and execution of the audit testing program (using data analysis, code inspection and re-performance of controls) that assesses the adequacy of the design and operation of controls associated with the key risks
Assessment and reporting of the risk and impact of issues identified during reviews to stakeholders and audit management.
Follow up with stakeholders on remediation of actions coming out of issues identified during audits.
Ad hoc work on firmwide projects around new processes or activities and investigation of incidents.
Ongoing liaison with colleagues globally and internal and external stakeholders including regulators and external auditors.
Maintenance of internal stakeholder relationships and regular interaction with the business during the year to assess changes in the control environment and other matters arising in the business.
QUALIFICATIONS / EXPERIENCE
2-4 years of relevant technology audit experience or experience in using a combination of the following technologies:
Site reliability engineering and runtime operational tools (agent based technologies) and processes (change and incident management, job/batch management)
Linux and Windows operating systems: security, configuration, and management
Database design, setup and administration (DBA) experience with Sybase, Oracle, or UDB
Big data systems: Hadoop, NoSQL, Hbase, HDFS, MapReduce
Web infrastructure technologies, security and design
Systems development/SDLC tools and processes (SVN/CVS, build, software testing, configuration and deployment)
Email, messaging and collaboration systems (Exchange, Sharepoint, instant messaging)
Cyber and Information Security
Business Continuity Planning and Disaster Recovery design and implementation
Relevant technology standards and regulations - ISO 27001, FFIEC IT handbooks etc.
Data and Log Analysis (using SQL and Splunk) and visualisation (using Spotfire, Tableau, QlikView or other) would be useful but not required.
Relevant Certification or industry accreditation (CISA, CISSP, CISM, etc.) useful but not required
Experience in managing audit engagements or technology projects
Team-oriented with a strong sense of ownership and accountability
Highly motivated with the ability to multi-task and remain organized in a fast-paced environment
ABOUT GOLDMAN SACHS The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.