Internal Audit, Technology Auditor, Associate

What We Do
As the third line of defense, Internal Audit’s mission is to independently assess the firm’s internal control structure, including the firm’s governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management’s control measures.  In doing so, internal Audit:

• Communicates and reports on the effectiveness of the firm’s governance, risk management and controls that mitigate current and evolving risk
• Raise awareness of control risk
• Assesses the firm’s control culture and conduct risks; and
• Monitors management’s implementation of control measures

Who We Look For
Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical, exercise professional skepticism and are able to challenge and discuss effectively with management on risks and control measures.  We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, building relationships and are able to evolve and thrive in teamwork and in a fast-paced global environment.

General Responsibilities 

• Support IA management to formulate an audit plan / strategy in consideration of regulatory requirements and legal entity risk assessment in QKF 
• Develop and maintain understanding of regulatory requirements and industry practice in China (particular for the technology and cybersecurity related areas) and providing insight on their impact and application to IA management.  
• Execute and develop leading role in every step of an audit project including scoping, planning, fieldwork and reporting for both business and technology driven audits
• Identify risks, assess mitigating controls, and make recommendations on improving the control environment
• Prepare commercially effective audit conclusions and findings, and present to IA management and management in QKF
• Follow-up on open audit issues and their resolution
• Assist in the audit team’s continuous monitoring effort to cover market and regulatory events, technology updates and business initiatives audit/reviews completed
• Be local contact point for regulatory interaction for IA relevant matters
• Bridging the gap between the local and global audit teams and providing timely updates to the GS Audit Team on the key developments in QKF

Basic Requirements

• Minimum 4 years of experience in technology auditor or relevant technology development or support or risk management fields 
• Futures professional qualification of China Futures Association or candidate is expected to pass the examination within firm required timeline after employment.
• Ability to work effectively across an audit team consisting of members in multiple locations
• Self-driven and proactive in taking full ownership and accountability of the assigned tasks and tracking them to completion within the stipulated timelines and according to the firm’s quality standards
• Must be highly motivated with strong analytical skills, willing and able to learn new business and system processes quickly
• Strong experience and familiarity with China laws and regulations relating to Technology and Futures Business.
• Excellent written and verbal communication skills in Mandarin. English language skill is highly preferred.
• Job requires frequent interaction with overseas colleagues in virtual video media

Preferred Qualifications

• Relevant degree in Computer Science, Information Security, Engineering or equivalent
• Relevant certifications or industry accreditations (e.g., CISA, CISM, CISSP etc.)
• Past experience of dealing with the local regulator and understanding of their ask from the various regulations / standards and guidelines will be useful
• Experience of relevant technology industry standards – ISO 27001, NIST Framework, CFA notices, standards and guidelines etc.