Associate, Technology Risk Manager

DescriptionAbout this roleBusiness OverviewThe Risk & Quantitative Analysis (RQA) group provides independent oversight of BlackRock's fiduciary and enterprise risks. RQA's principal objectives are to advance the firm's risk management practices and to deliver independent risk expertise and constructive challenge to drive better business and investment outcomes. RQA's risk managers play a meaningful role in BlackRock's investment process, using quantitative analysis and a multi-disciplinary skillset to tackle real-world problems and provide tangible solutions in the investment management process.RQA is committed to investing in our people to increase individual enablement and ultimately build a stronger team. Our goal is to create a culture of inclusion which encourages collaboration, innovation, diversity and the development our future leaders. We actively engage in discussions on career growth and work with team members to understand how personal passions and strength connect with our purpose.Technology Risk ManagementTechnology Risk Management (TRM) is a key part of the RQA Enterprise Risk Management group. As a second line of defense function, our mission is to help ensure senior management has defined technology controls that protect our clients, our firm and support the achievement of firm-wide business goals within our risk tolerance. TRM partners with senior management, Aladdin Product Group and Technology leadership, Information Security, Operational Risk and other control functions to achieve this mission.The ideal candidate for this position is a multifaceted, flexible and creative leader, with experience in technology and enterprise risk management and financial services. The candidate must have strong presentation, communication and project management skills in order to successfully navigate across different levels of the BlackRock and client organizations and be able to work cross functionally across enterprise risk subject areas.Key Responsibilities:Lead and support periodic and thematic risk assessments to execute continuous control monitoring, detail potential control gaps and questions, conduct business engagement meetings and follow-ups throughout the year.

Focus on Information Security governance, risk and compliance matters and be responsible for the identification, assessment and management of information security risks globally across all information security domains.

Provide cyber security technical advisory services regarding industry and leading practices, relevant critical initiatives, and emerging technologies and trends.

Support corporate enterprise risk initiatives and processes that have a technology component as a well act as a single point of contact for enterprise management matters for the assigned business relationships.

Oversee risk remediation efforts for risk and control issues and support issue closure or risk acceptances, as needed.

Drive issues and actions resulting from internal audit, regulatory reviews and external audits to completion; work with action owners to gather and evaluate appropriateness of evidence.

Work closely with regional compliance teams to prepare for regulatory requests, representing TRM as necessary in face-to-face meetings in conjunction with other partners.

Challenge the design of global technology metrics, perform data and trend analysis, and produce monthly KRI and KPI metric reports.

Build and maintain relationships globally across the firm including Technology Management, Information Security, Third-Party Risk, Enterprise Risk and Internal Audit. Be a risk champion within the wider BlackRock business.

Stay updated on global technology related regulations, industry standards, and other guidance related to Technology Resilience, Cyber Security and Technology Vendor Risk.

Partner with BlackRock software development and technology teams to help them identify, understand and mitigate technology control risks through control education, review of metrics, and completion of self-assessments

Knowledge/Experience:3+ years of experience working in a Technology Risk, IT Audit, Information Security or related field (financial services industry experience preferred)

Demonstrated experience in industry leading practices and control frameworks, such as COBIT, NIST CSF, ISO 27001 as well as regulatory requirements, such as GDPR, GLBA and CCPA

Established understanding of software design, distributed systems, SDLC, and/or technology operations (hands on experience preferred)

Demonstrable ability to analyze and monitor risk control issues through to resolution

Strong Microsoft Office skills (including Microsoft Excel, PowerPoint, and Word) as well as familiarity with GRC tools

Experience with Tableau preferred.

Bachelor's degree required

Our benefitsTo help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about.About BlackRockAt BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children's educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress.This mission would not be possible without our smartest investment - the one we make in our employees. It's why we're dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive.For additional information on BlackRock, please visit careers.blackrock.com | www.blackrock.com/corporate | Instagram: @blackrock (http://www.instagram.com/blackrock) | Twitter: @blackrock (https://twitter.com/blackrock) | LinkedIn: www.linkedin.com/company/blackrockBlackRock is proud to be an Equal Opportunity and Affirmative Action Employer. We evaluate qualified applicants without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, disability, protected veteran status, and other statuses protected by law.BlackRock will consider for employment qualified applicants with arrest or conviction records in a manner consistent with the requirements of the law, including any applicable fair chance law.