Risk, Operational Risk, Vendor Technology Risk, Associate, Salt Lake City

The Operational Risk Department at Goldman Sachs is an independent risk management function responsible for developing and implementing a standardized framework to identify, measure, and monitor operational risk across the firm.

This Operational Risk, Third Party Risk, role is for a professional with subject matter expertise dedicated to strengthening the components of the firm's operational risk management framework relating to Third Party Risk management such that supply chain security is well-understood and the right mitigation actions are in place. This role will be responsible to continuously identify, monitor, measure, and assess operational risk for Third Party Risk with a focus on Vendor Technology Risk, Risk and Control Self-Assessment, procedures and governance, and escalation across the Firm.

Responsibilities:

• Identify, monitor, and analyze operational risks arising from engagements with Third Parties such as supply chain security, vendor due diligence, and monitoring.
• Develop evidence-based challenges focused on improving Third Party Risk self- assessment and documentation.
• Develop, monitor and report metrics to measure adherence to Third Party Risk standards such as due diligence metrics, indicators related to ongoing monitoring and other phases of vendor lifecycle.
• Propose qualitative and quantitative operational risk appetite/tolerance and monitor risk taking trends through bespoke metrics at firmwide and divisional/sub-divisional levels, escalating concerns to senior management.
• Monitor the key control inventory for critical data and challenge the absence of controls and/ or controls not adhering to defined control standards.
• Conduct scenario analysis by working with stakeholders to develop plausible tail risk scenarios used in quantifying specific businesses exposure to potential risk.
• Facilitate operational risk event and data collection; perform detailed reviews of trends to identify significant risks and ensure monitoring and remediation.
• Review New Activities and ensure data related operational risks arising from acquisitions, new products and/or business, and migrations, etc. are carefully considered.
• Contribute to divisional and functional risk profile assessments by highlighting risk issues and trends to senior divisional managers and senior Operational Risk management team.
• Conduct quarterly triggered assessments for the division to ensure the divisions risk and control self -assessment outcomes are consistent, credible, and underpinned by appropriate evidence.
• Remain current on business drivers, regulatory and industry changes impacting the firm's data governance activities and obligations.
• Contribute to the advancement of operational risk methods and practices and the operational risk management framework.
• Identify and drive initiatives that improve the risk management activities at the firm.
• This role requires an energetic self-starter that can liaise with Engineering teams and divisions both regionally and globally. Experience and knowledge in a regulated enterprise network, preferably financial institution's technology infrastructure/supply chain security and Third Party Risk Management are required together with strong interpersonal and analytical skills for this role.

Qualifications

• Strong business acumen with understanding of Third Party Risk management and Information Security processes or strong grounding in operational risks and business flows.
• 3+ years of relevant experience, which could include working in operational risk, Third Party Risk Management or Information Security in engineering/finance/risk divisions of financial institutions or working in relevant regulatory reporting such as BCBS239, Basel 3 or CCAR in financial institutions.
• Strong data analysis skills.
• Strong verbal and written communication skills with the ability to present with impact and influence.
• Ability to work in a fast-paced environment with a strong delivery focus.
• Strong organizational skills (project management experience a plus).
• Ability to work in a team environment and knowledge share with other colleagues within team.
• Familiarity with enterprise risk management best-practices and controls.
• Possess a bachelor's degree, Finance, Data Science, Economics, Computer Science, or related disciplines.