Corporate Planning & Management

Associate, Third Party Risk Management, Global Procurement

Job Title: Corporate Planning & Management – Third Party Risk Management – Third Party Resilience [Bengaluru, Associate]

Divisional Overview

The Corporate Planning & Management (CPM) division integrates financial planning, spend management, third-party risk management, product management, and engineering teams to support strategic decisions across the firm.

Global Procurement strategically manages third-party engagement, optimizing value and mitigating risks across the supply chain. Key functions include Strategic Sourcing, Third-Party Risk Management (TPRM), Procure to Pay (P2P), Travel, and Sustainable Operations driving ESG initiatives.

The Third Party Risk Management (TPRM) team’s mission is to support the firm’s ‘One Goldman Sachs’ forward strategy by proactively identifying, managing, monitoring, and reporting key third party risks in order to enable and challenge the business’s risk-based decision making processes. The Third Party Resilience capability delivers a comprehensive program of onboarding and ongoing operational resilience testing for Goldman Sachs’ most critical third party and fourth party relationships.

Role Overview

Professionals in CPM have an analytical mindset, exhibit intellectual curiosity and are from diverse academic backgrounds. This role sits within the Third Party Risk Management pillar.

This role is in the Third Party Resilience capability, part of the first line of defence Third Party Risk Management team within the Global Procurement Pillar of the Corporate Planning and Management division. The role will be at the forefront of assessing and managing critical vendors’ and subcontractors’ operational resilience (business continuity and disaster recovery) capabilities.

The role requires collaboration with functions across the firm on a regular basis, an ability to work independently, and ability to interact with senior professionals across the firm. It also entails in-depth analysis and reporting for senior management, requiring diligence and a commercial mindset. The candidate is required to work closely with global counterparts and should have excellent verbal and written communication skills.

Job responsibilities will include, but are not limited to:

• Assessing and managing the operational resilience (business continuity and disaster recovery) capabilities of critical vendors and subcontractors
• Supporting the execution of an integrated global assurance framework to test, report, and drive effective business risk management of third-party and fourth-party operational resilience and recovery capabilities for critical services
• Leading and executing a dedicated portfolio of third-party and fourth-party resilience assessments
• Supporting strategic projects aimed at optimizing and delivering the firmwide Third Party Resilience program
• Collaborating with Vendor relationship owners, first line embedded divisional risk teams, and senior management across various Goldman Sachs divisions (Global Banking and Markets, Platform Solutions, Corporate Treasury, Operations, Engineering, Asset and Wealth Management etc.) to execute risk assessments
• Providing support for third-party and fourth-party operational resilience-related internal/external audits and regulatory inquiries
• Monitor, report and proactively reduce third-party and fourth-party resilience risk exposure to Goldman Sachs
• Support the team on leadership reporting, key risk metrics, Risk and Control Self-Assessment (RCSA), and program data governance

• Identify potential areas to create operational efficiencies, better leverage technology/AI and automate manual processes

Skills and experience we are looking for:

• Possess a strong risk management and control mindset linked with the ability to support the delivery of commercial outcomes
• Experience and knowledge in operational resilience; preferably in the context of business continuity / disaster recovery testing
• Preferred understanding of foundational technology concepts and platforms (e.g., Data Centre, Network, Database, Software, Hardware, Cloud)
• Highly organized; attention to detail (especially data quality) and excellent follow-through required
• Exceptional time management; ability to work with tight deadlines under pressure
• Analytical thinker, able to quickly assess situations, prioritize and multi-task, strong problem-solving skills
• Excellent interpersonal and communication skills, both written and verbal
• Proficient stakeholder management and negotiation skills
• Confident candidate who is an enthusiastic team player
• Ability to coordinate and interact effectively with global colleagues
• Ability to adapt to a dynamic and changing organization
• Independent research, data assimilation, and documentation to enable risk assessments
• Ability to coordinate activities with multiple interdependencies across multiple stakeholders
• Ability to quickly analyze multiple sources of information and deliver informed risk insights
• Understanding of Goldman Sachs business structures and processes (i.e., ability to “navigate GS”)
• Solid work ethic and elevated motivation

Basic Qualifications

• Relevant bachelor’s degree (Economics, Commerce, Information Technology, Risk Management, Finance, Business, Analytics, Supply Chain Management, Statistics etc.) or equivalent qualification with an excellent academic record; MBA is a plus
• 2 – 8 year experience in a relevant field
• Experience in risk management, third-party risk management, or a global risk function
• MS Office knowledge (Word, Excel, Power Point, Access)

Preferred Qualifications

• Risk Management Certification (CBCI, CBCP, CRMP, CTPRP, CRISC, ISO 22301 LI/LA, ISO 31000, CORP etc.)
• Prior experience in Business Continuity / Disaster Recovery / Quality Assurance / Control testing / Internal Audit
• Understanding of global Operational Resilience regulations including DORA, PRA SS2/21, SS1/21, FED Interagency Guidance on Third Party Relationships, EBA Outsourcing Guidelines etc.
• Certification in any Business Intelligence/Automation/AI tools (eg: Alteryx / Qlik / Tableau / Power BI)