Internal Audit - Core Engineering Auditor -Vice President - Bengaluru

What We Do
As the third line of defense, Internal Audit's mission is to independently assess the firm's internal control structure, including the firm's governance processes and controls, and risk management and capital and anti-financial crime frameworks, raise awareness of control risk and monitor the implementation of management's control measures. In doing so, internal Audit:

• Communicates and reports on the effectiveness of the firm's governance, risk management and controls that mitigate current and evolving risk
• Raise awareness of control risk
• Assesses the firm's control culture and conduct risks; and
• Monitors management's implementation of control measures

Goldman Sachs Internal Audit comprises individuals from diverse backgrounds including chartered accountants, developers, risk management professionals, cybersecurity professionals, and data scientists. We are organized into global teams comprising business and technology auditors to cover all the firm's businesses and functions, including securities, investment banking, consumer and investment management, risk management, finance, cyber-security and technology risk, and engineering.

Who We Look For
Goldman Sachs Internal Auditors demonstrate strong risk and control mindsets, analytical, exercise professional skepticism and are able to challenge and discuss effectively with management on risks and control measures. We look for individuals who enjoy learning about audit, businesses and functions, have innovative and creative mindsets to adopt analytical techniques to enhance audit techniques, building relationships and are able to evolve and thrive in teamwork and in a fast-paced global environment.

SDLC Specialized Skills:

• Able to understand and identify security vulnerabilities by manual inspection in multiple code across programming and configuration languages including but not limited to Python, Java, C++ and Terraform. System development experience in Agile/ DevOps is a plus.
• Strong foundation in SDLC methodologies, such as automated software security testing (e.g DAST, SAST, IaC etc), continuous integration and deployment of applications.
• Familiar or have audited software development and virtualization tools such as GitLab, Dockers, Kubernetes etc.
• Possess deep knowledge of various SDLC development methodologies (e.g., Waterfall, Agile, DevOps, etc.). Understand the unique requirements and challenges of software development in a regulated financial environment.
• Experience performing audits on the entire SDLC process, including requirements gathering, design, development, testing, production deployment, and maintenance processes the ensure compliance with industry standards.
• Experience with evaluating risks and vulnerabilities within SDLC and developing strategies for risk mitigation ensuring secure and efficient operation of software systems.
• Exposure to IaC (Infrastructure as Code) best practices
• Demonstrate proficiency in implementing rigorous quality assurance and testing protocols.

Your Impact:

As part of the third line of defense, you will be involved in independently assessing the firm's overall control environment, and communicating the results to the firm's local and global management the effectiveness of the firm's controls that mitigate current and emerging risks, and monitoring the management's implementation of control measures. In doing so, you are supporting the provision of independent, objective and timely assurance around the firms's internal control structure, and supporting the Audit Committee, the Board of Directors and Risk Committee in fulfilling their oversight responsibilities.

Responsibilities:

You will play a vital role in the scoping and planning of the audits, deploy audit and analytical procedures and techniques to assess the design and operating effectiveness of the controls to mitigate the risks, and discuss the results with the firm's local and global management. In addition, you will also monitor and follow up with management on the resolution of the open audit findings.

About GS:

The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world