WHO WE ARE
The Goldman Sachs Group, Inc. is a leading global financial services firm providing investment banking, securities and investment management services to a substantial and diversified client base that includes corporations, financial institutions, governments, and high-net-worth individuals. The firm is headquartered in New York and maintains offices in London, Frankfurt, Tokyo, Hong Kong, and other major financial centers around the world.
MORE ABOUT THIS JOB
You will be responsible for running the new Core Engineering Third Party Risk Management team, overseeing and managing the control framework across our Vendors to mitigate reputational, operational, legal and commercial risk to GS. This position provides an opportunity for a dynamic and risk-aware individual to design and shape the Core Engineering Third Party control framework. The Third Party Risk Management Team is responsibile for overseeing aspects of policy implementation, quality assurance, audit facilitation and relative analytics. You will be happy getting into risk level detail alongside designing and implementing a long-term vision for the team, and managing our various stakeholders.
RESPONSIBILITIES AND QUALIFICATIONS
HOW YOU WILL FULFILL YOUR POTENTIAL
· Act as a champion and primary point of contact for stakeholders across all 3 lines of defence for matters related to the division’s vendor profile
· Enable the division to comply with the Firmwide Third Party Risk and Control Framework and associated programs
· Provide active engagement across the full spectrum of risks from introduction of Third Parties to ensure appropriate oversight and governance of first line risk taking activities
· Engage with Risk Partners across the organization (e.g. compliance, technology), as needed, to review control requirements and drive resolution of vendor issues with Vendor Relationship Owners
· Facilitate disruption testing in partnership with firmwide operational resilience and VROs
· Develop and provide periodic global and regional reporting on vendor landscape, risks, controls, and overall status of divisional execution against the program requirements
· Manage internal and external examinations and engagements (regulatory, audit, compliance)
· Equipping Enterprise Vendor Relationship Owners and Divisional Vendor Risk Owners with skills, training, and awareness on their roles
· Support and help lead aspects of the global Third Party Risk Management Program initiatives and priorities, building capabilities including development of a process inventory, adoption of controls, issue tagging, enhanced new activities, and overall adherence to Enterprise Risk Management Framework elements
· Manage Third Party incidents when they occur, complete post-mortems and drive actions to closure with Vendor Relationship Owners
· Champion and advocate for program maturity and development with key partners across the organization, ensuring alignment with the firm’s overall third-party strategy. SKILLS AND EXPERIENCE WE ARE LOOKING FOR
· 5 years + experience in the controls/third party risk management domain
· 3 year + experience of managing people (small to mid-size team)
· Experience of leading a control function
· Ability to influence third party organisations and create change
· Partnering in due diligence and ongoing monitoring activities including incident/event mgmt
· Managing ongoing quality of third party data
· Review, design and implement appropriate KRIs; Perform controls monitoring & testing
· Assessing vendor controls as part of the firm’s Risk and Control Self Assessment process
· Experience conducting outreach and due diligence assessments for new and existing vendors.
· Must have experience working with Information Technology Vendors/Providers
· Understanding of IT Security Controls and/or demonstration of controls mindset
· Understanding of Information Security, Data Privacy, and Compliance principles
· Experience working with high risk / critical vendors
· Previous experience with KPI management (including: vendor target/performance, vendors rating cards, manage and track identified risks until closed/resolved).
· Experience in maturing, developing, or implementing a TPRM frameworks.
· Experience working in an enterprise environment.
· Experience in the production and management of reports for senior leadership.
· Excellent stakeholder coordination and project management skills.
PREFERRED QUALIFICATIONS
· Experience with data manipulation using Tableau, SQL, PowerBI etc.