The Operational Risk Department at Goldman Sachs is an independent risk management function responsible for developing and implementing a standardized framework to identify, measure, and monitor operational risk across the firm.
This Operational Risk, Third Party Risk, role is for a professional with subject matter expertise dedicated to strengthening the components of the firm’s operational risk management framework relating to Third Party Risk management such that supply chain security is well-understood and the right mitigation actions are in place. This role will be responsible to continuously identify, monitor, measure, and assess operational risk for Third Party Risk with a focus on Vendor Technology Risk, Risk and Control Self-Assessment, procedures and governance, and escalation across the Firm.
Responsibilities:
Identify, monitor, and analyze operational risks arising from engagements with Third Parties such as supply chain security, vendor due diligence, and monitoring.Develop evidence-based challenges focused on improving Third Party Risk self- assessment and documentation.Develop, monitor and report metrics to measure adherence to Third Party Risk standards such as due diligence metrics, indicators related to ongoing monitoring and other phases of vendor lifecycle. Propose qualitative and quantitative operational risk appetite/tolerance and monitor risk taking trends through bespoke metrics at firmwide and divisional/sub-divisional levels, escalating concerns to senior management. Monitor the key control inventory for critical data and challenge the absence of controls and/ or controls not adhering to defined control standards.Conduct scenario analysis by working with stakeholders to develop plausible tail risk scenarios used in quantifying specific businesses exposure to potential risk.Facilitate operational risk event and data collection; perform detailed reviews of trends to identify significant risks and ensure monitoring and remediation. Review New Activities and ensure data related operational risks arising from acquisitions, new products and/or business, and migrations, etc. are carefully considered.Contribute to divisional and functional risk profile assessments by highlighting risk issues and trends to senior divisional managers and senior Operational Risk management team.Conduct quarterly triggered assessments for the division to ensure the divisions risk and control self -assessment outcomes are consistent, credible, and underpinned by appropriate evidence.Remain current on business drivers, regulatory and industry changes impacting the firm’s data governance activities and obligations.Contribute to the advancement of operational risk methods and practices and the operational risk management framework.Identify and drive initiatives that improve the risk management activities at the firm.This role requires an energetic self-starter that can liaise with Engineering teams and divisions both regionally and globally. Experience and knowledge in a regulated enterprise network, preferably financial institution’s technology infrastructure/supply chain security and Third Party Risk Management are required together with strong interpersonal and analytical skills for this role.Qualifications
Strong business acumen with understanding of Third Party Risk management and Information Security processes or strong grounding in operational risks and business flows.3+ years of relevant experience, which could include working in operational risk, Third Party Risk Management or Information Security in engineering/finance/risk divisions of financial institutions or working in relevant regulatory reporting such as BCBS239, Basel 3 or CCAR in financial institutions.Strong data analysis skills.Strong verbal and written communication skills with the ability to present with impact and influence.Ability to work in a fast-paced environment with a strong delivery focus.Strong organizational skills (project management experience a plus).Ability to work in a team environment and knowledge share with other colleagues within team.Familiarity with enterprise risk management best-practices and controls.Possess a bachelor’s degree, Finance, Data Science, Economics, Computer Science, or related disciplines.