Internal Audit (Business) | Analyst
  • United Kingdom London
  • Jobs via eFinancialCareers
1 year before
31.01.2024
Securely Provision
Risk Management
Job Description

More About This Skillset

What We Do

As the third line of defence, Internal Audit's mission is to independently assess the firm's internal control structure, including the firm's governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management's control measures. In doing so, internal Audit:

Communicates and reports on the effectiveness of the firm's governance, risk management and controls that mitigate current and evolving risk
Raise awareness of control risk
Assesses the firm's control culture and conduct risks; and
Monitors management's implementation of control measures

Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants, developers, risk management professionals, cybersecurity professionals, and data scientists. We are organized into global teams comprising business and technology auditors to cover all the firm's businesses and functions, including securities, investment banking, consumer and investment management, risk management, finance, cyber-security and technology risk, and engineering.

Who We Look For

Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical, exercise professional skepticism and are able to challenge and discuss effectively with management on risks and control measures. We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, building relationships and are able to evolve and thrive in teamwork and in a fast-paced global environment.

How You Will Fulfil Your Potential

Collaborate and work as a team across EMEA
Develop and maintain an in-depth understanding of the business the Internal Audit team is supporting, its products, and supporting functions
Assist in every step of an audit, including documentation, across scoping, planning, fieldwork and reporting
Performing walkthroughs with stakeholders to perform control design assessments and presenting results of work performed to management
Execute audit testing to ensure audit fieldwork is focused on the right areas and documentation meets high quality standards
Identify risks, assess mitigating controls, and make recommendations on improving the control environment
Prepare commercially effective audit conclusions and findings, and present to Internal Audit senior management and business stakeholders
Follow-up on open audit issues and their resolution
Participate in department-wide initiatives aimed at continually improving Internal Audit's processes and supporting infrastructure
Use and develop data analytics (DA)/computer assisted audit tools and techniques to assist in execution of audits and risk assessment

SKILLS AND EXPERIENCE WE ARE LOOKING FOR

Approximately +1 to 2 years of prior experience in auditing controls. This could be in an IA team, or consulting, regulatory body or a related control function, with controls testing as part of your role, i.e. compliance testing group or a risk and control team.
Team-oriented with a strong sense of ownership and accountability and able to work under minimal supervision on individual tasks or on team projects
Accurate, accountable and able to multitask while managing both time and work load
Interest in developing your knowledge of Global Markets as well as supervisory oversight controls across regions
Highly motivated with strong analytical skills, willing and able to learn new business and system processes quickly
Relevant certification or industry accreditation (e.g., ACA, CAMS, CIA, CFA) is a plus
Graduate degree, preferably in a related subject, science and humanity degrees as well as more specific accountancy or economics degrees will be considered

ABOUT GOLDMAN SACHS

At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.

We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers .

We're committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https:// www.goldmansachs.com/careers/footer/disability-statement.html


Quick response

Required Knowledge
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0037   Knowledge of Security Assessment and Authorization process.
  • K0038   Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • K0048   Knowledge of Risk Management Framework (RMF) requirements.
  • K0054   Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
  • K0126   Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
  • K0169   Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • K0624   Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
  • K0066   Knowledge of Privacy Impact Assessments.
  • K0154   Knowledge of supply chain risk management standards, processes, and practices.
  • K0263   Knowledge of information technology (IT) risk management policies, requirements, and procedures.
  • K0214   Knowledge of the Risk Management Framework Assessment Methodology.
  • K0264   Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
  • K0320   Knowledge of organization's evaluation and validation criteria.
  • K0065   Knowledge of policy-based and risk adaptive access controls.
  • K0297   Knowledge of countermeasure design for identified security risks.

Required Skills
  • S0115   Skill in preparing Test & Evaluation reports.
  • S0137   Skill in conducting application vulnerability assessments.
  • S0141   Skill in assessing security systems designs.
  • S0147   Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • S0171   Skill in performing impact/risk assessments.

Required Abilities
  • A0014  Ability to communicate effectively when writing.
  • A0016  Ability to facilitate small group discussions.
  • A0018  Ability to prepare and present briefings.
  • A0019  Ability to produce technical documentation.
  • A0023  Ability to design valid and reliable assessments.
  • A0069  Ability to apply collaborative skills and strategies.
  • A0070  Ability to apply critical reading/thinking skills.
  • A0115  Ability to work across departments and business units to implement organization’s privacy principles and programs, and align privacy objectives with security objectives.