Tech Risk - Regulatory & Controls APAC - HK - Advisory

Location(s) HK-Hong Kong
Job ID
2020-61935
Schedule Type
Full Time
Level
Vice President
Function(s)
Security Engineer
Region
Asia Except Japan
Division
Engineering
Business Unit
Technology Risk
Employment Type
Employee

MORE ABOUT THIS JOB

Goldman Sachs Technology Risk is leading threat, risk analysis and data science initiatives
that are helping to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats and protect against unauthorized disclosure of confidential information for our clients, internal business functions, and our extended supply chain.
RISK ADVISORY delivers best in class advisory support and technology solutions across the information security risk domain including scalable uplifts of common core security solutions for use across Goldman Sachs. Prevents the misuse, unauthorized disclosure, or loss of firm data across e-mail, file transfer, and the Internet. Ensures business continuity and technology resilience by safeguarding Goldman Sachs from major operational disruptions through preventative
measures including business planning, capability design,
and the testing of mitigants.
Tech Risk – Tech Risk APAC – Analyst/Associate
Business Unit Overview
Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA. Within Technology Risk, the Tech Risk APAC team develops, implements and documents the firm’s alignment to governance processes related cybersecurity to ensure the firm is implementing and leading industry best practices. We are a team of program managers, project managers, and regulatory analysts that understand, document, and uplift the firm’s adherence to a dynamic and ever-evolving regulatory environment. We drive key Tech Risk programs and key initiatives and reduce regulatory and litigation risk.

RESPONSIBILITIES AND QUALIFICATIONS

HOW YOU WILL FULFILL YOUR POTENTIAL
• Job Responsibilities:
• Drafting responses to requests for information from regulators in the jurisdictions in which the firm operates, within Asia Pacific
• Coordinating engagements with regulators, including periodic reporting, preparation of presentations and written deliverablesof global, regional and local regulatory requirements that have a technology impact, in order to conduct internal self-assessments and gap analyses to ensure compliance
• Conducting analyses to identify regulatory trends of relevance to the firm’s business and risk environmentsto ensure regulatory requirements are appropriately understood, communicated, and mitigated where necessary
• Preparing presentations and written products on regulatory trends and issues to inform senior leadership decisions
• Coordinating with counterparts in other jurisdictions and regional stakeholders (e.g. Legal, Compliance, Operational Risk) to ensure consistent responses across all regulators
• Driving implementation of specific security controls based on internal security priorities and regulatory requirements
• Managing regional audit and regulatory activities relevant to Technology Risk with primary focus on Information Security and Cybersecurity
• Drive and execute Technology Division Governance processes in the region and contribute with regional input to global Governance processes
• Conducting risk reviews of business and technology initiated projects to ensure adequate security controls and best practices are in place
• Managing and delivering regional specific control adoption and uplift initiatives from global Technology Risk programs
• Communicating status and risks in a succinct, direct and open manner for proper issue management life cycle tracking.
• As needed, support development of technology-related policies and standards

SKILLS AND EXPERIENCE WE ARE LOOKING FOR
• Bachelor degree or higher
• Strong writing skills, ideally with published academic or professional articles Exceptional attention to detail
• Experience working in Information/Cyber security, IT Risk & Governance from a sizeable multinational organization
• Strong analytical, interpersonal, problem solving, influencing, organizational and time management skills
• Experience in communicating technology risks to senior audiences both technical and non-tehcnical
• Strong sense of ownership and accountability
• Strong English communication skills, both verbally and in writing
• Excellent presentation skills
• Work effectively both independently and as part of a team, self-motivated and deadline driven
• The ability to manage multi-task effectively and interact in a matrixed organization is essentialExperience managing staff’s work assignments and career development while staying hands-on
• Knowledge and experience of financial regulatory environment within Asia Pacific in at least one or more jurisdictions (Japan, Singapore, Hong Kong, China, Australia, India, Korea)

Preferred Qualifications
• Graduate degree in information security/cybersecurity, law, government, or political science
• Academic or professional publications in relevant topics
• Strong Professional experience writing policy documents or public messaging for senior government or private sector leadersof the technology implications of regulations
• Good understanding and knowledge of the following Technology areas and their impact on Information Security:
• o Windows and Unix/Linux operating systems
• o Network protocols such as TCP/IP, Firewall and IDS/IPS technology
• o Voice and Audio-Visual platforms
• o Application security issues such as OWASP Top 10
• o Industry Certifications such as CISA, CISSP, and CISM are beneficial
• #TechRiskCybersecurity

ABOUT GOLDMAN SACHS

The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.

© The Goldman Sachs Group, Inc., 2020. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.