Internal Audit- Core Engineering Tech Audit- Analyst -Bengaluru

What We Do
As the third line of defense, Internal Audit’s mission is to independently assess the firm’s internal control structure, including the firm’s governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management’s control measures.  In doing so, internal Audit:

• Communicates and reports on the effectiveness of the firm’s governance, risk management and controls that mitigate current and evolving risk
• Raise awareness of control risk
• Assesses the firm’s control culture and conduct risks; and
• Monitors management’s implementation of control measures

Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants, developers, risk management professionals, cybersecurity professionals, and data scientists.  We are organized into global teams comprising business and technology auditors to cover all the firm’s businesses and functions, including securities, investment banking, consumer and investment management, risk management, finance, cyber-security and technology risk, and engineering. 

Who We Look For 
Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical, exercise professional skepticism and are able to challenge and discuss effectively with management on risks and control measures.  We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, building relationships and are able to evolve and thrive in teamwork and in a fast-paced global environment. 

The Core Engineering audit team performs reviews of technology risks and controls within a challenging, dynamic and complex business and technology environment. The team covers core technology infrastructure platforms (cloud computing, database and big data), end user platforms (desktop, collaboration, e-Mail/messaging and web technologies), enterprise platforms (software development/SDLC, job scheduling and workflow technologies) and lastly production operations. A strong background in technology engineering and a proven technology audit background are necessary. 

Your Impact:

As part of the third line of defense, you will be involved in independently assessing the firm’s overall control environment, and communicating the results to the firm’s local and global management the effectiveness of the firm’s controls that mitigate current and emerging risks, and monitoring the management’s implementation of control measures.  In doing so, you are supporting the provision of independent, objective and timely assurance around the firm’s internal control structure, and supporting the Audit Committee, the Board of Directors and Risk Committee in fulfilling their oversight responsibilities.

Responsbilities:

You will play a vital role in the scoping and planning of the audits, deploy audit and analytical procedures and techniques to assess the design and operating effectiveness of the controls to mitigate the risks, and discuss the results with the firm’s local and global management. In addition, you will also monitor and follow up with management on the resolution of the open audit findings. 

Basic Qualifications:

• 1-3 years of experience as a technology auditor covering IT application and general controls
• Understanding of software development and system architecture
• High level understanding of databases, operating systems and messaging
• Proficiency in Excel and SQL
• Strong written and verbal communication skills 

Preferred Qualifications:

• Site reliability engineering and runtime operational tools (agent based technologies) and processes (change and incident
• management, job/batch management) 
• Cloud computing (Private, AWS, Google, Azure, Docker)
• Linux and Windows operating systems: security, configuration, and management
• Database design, setup and administration (DBA) experience with Sybase, Oracle, or UDB
• Big data systems: Hadoop, NoSQL, Hbase, HDFS, MapReduce
• Web infrastructure technologies, security and design
• Systems development/SDLC tools and processes (SVN/CVS, build, software testing, configuration and deployment)
• Email, messaging and collaboration systems (Exchange, Sharepoint, instant messaging)
• Business Continuity Planning and Disaster Recovery design and implementation
• Relevant technology standards and regulations – ISO 27001, FFIEC IT handbooks etc.
• Data and Log Analysis (using SQL and Splunk) and visualization (using Spotfire, Tableau, QlikView or other) would be useful but not required 
• Ability to review / develop code (Java, C#, C++, Python, VBA macros etc.)
• Experience with Data Analytics tools and techniques
• Relevant certification or industry accreditation (e.g., CISA, CISSP, or pursuing CFA, FRM etc.) 

About GS:

The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.