Internal Audit, Cybersecurity & Technology Audit, Associate, Warsaw

Goldman Sachs

Job Location:

Warsaw - Poland

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Description

Internal Audit Technology Risk & Cybersecurity Associate

The Goldman Sachs Group Inc. is a leading global investment banking securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations financial institutions governments and individuals. Founded in 1869 the firm is headquartered in New York and maintains offices in all major financial centers around the world. We commit people capital and ideas to help our clients shareholders and the communities we serve to grow. Our people are our greatest asset we say it often and with good reason. It is only with the determination and dedication of our people that we can serve our clients generate long-term value for our shareholders and contribute to the broader public. We take pride in supporting each colleague both professionally and personally. From collaborative workspaces and ergonomic services to wellbeing and resilience offerings we offer our people the flexibility and support they need to reach their goals in and outside the office.

INTERNAL AUDIT

In Internal Audit we ensure that Goldman Sachs maintains effective controls by assessing the reliability of financial reports monitoring the firms compliance with laws and regulations and advising management on developing smart control solutions. Our group has unique insight on the financial industry and its products and operations. Were looking for detail-oriented team players who have an interest in financial markets and want to gain insight into the firms operations and control processes.

WHAT WE LOOK FOR

Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets analytical thinking exercise professional skepticism and are able to challenge and discuss effectively with management on risks and control measures. We look for individuals who enjoy learning about audit businesses and functions have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques building relationships and are able to evolve and thrive in teamwork and in a fast-paced global environment.

YOUR IMPACT

As the third line of defense Internal Audits mission is to independently assess the firms internal control structure including the firms governance processes and controls and risk management and capital and anti-financial crime frameworks raise awareness of control risk and monitor the implementation of managements control doing so internal Audit:

Communicates and reports on the effectiveness of the firms governance risk management and controls that mitigate current and evolving risk
Raise awareness of control risk
Assesses the firms control culture and conduct risks
Monitors managements implementation of control measures

Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants developers risk management professionals cybersecurity professionals and data scientists. We are organized into global teams comprising business and technology auditors to cover all the firms businesses and functions including securities investment banking consumer and investment management risk management finance cyber-security and technology risk and engineering.

RESPONSIBILITIES

Assist / Lead the risk assessment scoping and planning of a review
Assist / Lead in executing the review. Specifically focusing on the following:
- Analyse the design and architecture of the technology systems in the context of information technology controls such as security availability and performance and their impact on business-aligned technology groups.
- Analyse the technology and business processes to evaluate the effectiveness of the relevant technology controls.
- Validate that technology controls meet internal and regulatory requirements
Document the results of the test steps executed within the IA workpaper repository
Assist/Lead in the report preparation
Assist/Lead in presenting the scope progress and results of the review to internal technology and business stakeholders

SKILLS AND RELEVANT EXPERIENCE

Minimum 3 years work experience with 1 year minimum auditing experience
Degree in Computer Science Information Security Engineering (or equivalent) preferred
Technology skills including:
- Good understanding of Linux and Windows operating systems knowledge of security administration and configuration of servers and desktops batch scripting and executing standard commands
- Computer networks design fundamentals and understanding of the network components
- Understanding of Cloud computing concepts technologies risks and mitigating controls
- Knowledge of Security risks related to web mobile web services and client/server architectures
- Understanding of Encryption schemes (symmetric asymmetric and hashing) and how they may be applied in an application architecture
- Understanding of Vulnerability assessment and penetration testing methodologies and processes for web thick client and mobile applications
- Experience with Splunk and/or other SIEM platforms would be useful but not required
- Understanding of Threat modelling intelligence and incident response processes
- Understanding of processes related to Management monitoring and operations of technology (backups change management system monitoring incident/problem management)
- Understanding of Business continuity planning and disaster recovery design and implementation
- Knowledge of Security controls within the software development lifecycle
- Familiarity with Relevant technology standards and regulations NIST Cyber Security Framework FFIEC CAT ISO 27001 GDPR DORA NYSDFS data privacy rules FFIEC IT handbooks etc.
- Data and log analysis and visualization would be useful but not required
- Relevant certification or industry accreditation (CISA CISSP CISM etc.) useful but not required
Must be highly motivated with strong analytical skills willing and able to learn new technology and business and processes quickly
Ability to work effectively across a large audit team understanding the teams role in the overall strategy of the firm
Written and verbal communication skills are a must; strong interpersonal skills are essential. Job requires frequent interaction with technology management
Must be able to multitask while managing both time and workload

ABOUT GOLDMAN SACHS

At Goldman Sachs we commit our people capital and ideas to help our clients shareholders and the communities we serve to grow. Founded in 1869 we are a leading global investment banking securities and investment management firm. Headquartered in New York we maintain offices around the world.

We believe who you are makes you better at what you do. Were committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally from our training and development opportunities and firmwide networks to benefits wellness and personal finance offerings and mindfulness programs. Learn more about our culture benefits and people at

Were committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more:

Goldman Sachs is an equal opportunity employer and does not discriminate on the basis of race color religion sex national origin age veterans status disability or any other characteristic protected by applicable law.

Required Experience:

DescriptionInternal Audit Technology Risk & Cybersecurity AssociateThe Goldman Sachs Group Inc. is a leading global investment banking securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations f...

Description

Internal Audit Technology Risk & Cybersecurity Associate

INTERNAL AUDIT

WHAT WE LOOK FOR

YOUR IMPACT

RESPONSIBILITIES

Assist / Lead the risk assessment scoping and planning of a review
Assist / Lead in executing the review. Specifically focusing on the following:
- Analyse the design and architecture of the technology systems in the context of information technology controls such as security availability and performance and their impact on business-aligned technology groups.
- Analyse the technology and business processes to evaluate the effectiveness of the relevant technology controls.
- Validate that technology controls meet internal and regulatory requirements
Document the results of the test steps executed within the IA workpaper repository
Assist/Lead in the report preparation
Assist/Lead in presenting the scope progress and results of the review to internal technology and business stakeholders

SKILLS AND RELEVANT EXPERIENCE

Minimum 3 years work experience with 1 year minimum auditing experience
Degree in Computer Science Information Security Engineering (or equivalent) preferred
Technology skills including:
- Good understanding of Linux and Windows operating systems knowledge of security administration and configuration of servers and desktops batch scripting and executing standard commands
- Computer networks design fundamentals and understanding of the network components
- Understanding of Cloud computing concepts technologies risks and mitigating controls
- Knowledge of Security risks related to web mobile web services and client/server architectures
- Understanding of Encryption schemes (symmetric asymmetric and hashing) and how they may be applied in an application architecture
- Understanding of Vulnerability assessment and penetration testing methodologies and processes for web thick client and mobile applications
- Experience with Splunk and/or other SIEM platforms would be useful but not required
- Understanding of Threat modelling intelligence and incident response processes
- Understanding of processes related to Management monitoring and operations of technology (backups change management system monitoring incident/problem management)
- Understanding of Business continuity planning and disaster recovery design and implementation
- Knowledge of Security controls within the software development lifecycle
- Familiarity with Relevant technology standards and regulations NIST Cyber Security Framework FFIEC CAT ISO 27001 GDPR DORA NYSDFS data privacy rules FFIEC IT handbooks etc.
- Data and log analysis and visualization would be useful but not required
- Relevant certification or industry accreditation (CISA CISSP CISM etc.) useful but not required
Must be highly motivated with strong analytical skills willing and able to learn new technology and business and processes quickly
Ability to work effectively across a large audit team understanding the teams role in the overall strategy of the firm
Written and verbal communication skills are a must; strong interpersonal skills are essential. Job requires frequent interaction with technology management
Must be able to multitask while managing both time and workload

ABOUT GOLDMAN SACHS

Were committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more:

Required Experience:

Key Skills

Apply Now

About Company

Goldman Sachs

The Goldman Sachs Group, Inc. is a leading global investment banking, securities, and asset and wealth management firm that provides a wide range of financial services.

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click