About this role

BlackRock is one of the world’s preeminent asset management firms and an outstanding provider of global investment management, risk management and advisory services to institutional, intermediary and individual investors around the world! BlackRock offers a range of solutions — from detailed fundamental and quantitative active management approaches sought at improving outperformance to highly efficient indexing strategies crafted to gain broad exposure to the world’s capital markets. Our clients can access our investment solutions through a variety of product structures, including individual and institutional separate accounts, mutual funds and other pooled investment vehicles, and the industry-leading iShares® ETFs!

The Cybersecurity Governance team acts as a trusted risk advisor for the Global Information Security department and a liaison with Internal Audit, External Audit and Regulators. We are looking for an experienced risk manager with 10+ years of Information Security and IT Risk experience, performing risk advisory oversight for top Financial Services firms. This role will be responsible for identifying, analyzing, and influencing the management of security risks across the organization.

'- Identify, understand and interpret key regulatory and framework mentorship for cloud cybersecurity controls.

• Coordinate assessments against key regulatory and framework guidance for cloud cybersecurity controls.
• Build and improve presentations for senior and executive management, clients and regulators.
• Provide feedback to Technology Risk and Internal Audit on their cybersecurity opinions.
• Maintain Information Security program documents that describe the function.
• Support regulatory developments, including supervising new regulations, preparing actions for new regulatory requirements, presentations, meetings, note-taking, summary reports to management.
• Support Internal Audit activities to guide auditors and control owners to controls that are effective in mitigating risks, efficient, balanced and pervasive where applicable.
• Evaluate third party assessments of the Information Security function.
• Maintain cybersecurity threat, Risk and control taxonomy.
• Support the cybersecurity metrics program.
• Review internal and external communications related to cybersecurity.
• Update cybersecurity policies and standards.
• Maintain the list of key cybersecurity gaps.
• Engage in cybersecurity control improvements.

Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and proficiencies necessary to be highly-effective in the role. These skills and proficiencies include:

• Strong documentation and process oriented background with leading and managing complex Technology projects.
• An ability to effectively influence others to account for the plans and collaborative behaviors for results.
• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and measurable manner.
• An ability to identify and assesses the cybersecurity threats, risks and controls to efficiently mitigate risks.
• Strong decision-making abilities.
• An understanding of business needs and dedication to delivering high-quality, prompt, and efficient service to the business.
• An understanding of organizational mission, values, and goals and consistent application of this knowledge.
• Ability to react to high pressure dynamic changing environments.
• Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part.
• An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one’s network within an organization.
• An ability to apply original and innovative thinking to produce new ideas and create innovative products, solutions, or approaches.
• A field and interpersonal skills to work well in a global environment, complementing teams in multiple remote locations.

Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:

• BS or MA in Business, Computer Science, Information Security, or a related field.
• 10+ years in Information Security, IT Risk, IT Governance or IT Audit role in a financial services company.
• 5+ years of experience dealing with regulators, external and internal audit.
• 5+ years of experience with information security management frameworks (e.g., IS027000, NIST 800-53, etc.)
• Familiarity with CSA CCM framework and Zero Trust principles
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA).

'- Travel : No

• Direct Reports: No
• Licenses: No

We are an equal opportunity employer offering a competitive salary and benefits.

For Wilmington, DE Only the salary range for this position is USD$0.00 - USD$0.00 . Additionally, employees are eligible for an annual discretionary bonus, and benefits including healthcare, leave benefits, and retirement benefits. BlackRock operates a pay-for-performance compensation philosophy and your total compensation may vary based on role, location, and firm, department and individual performance.

Our benefits

To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about.

Our hybrid work model

BlackRock’s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person – aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock.

About BlackRock

At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children’s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress.

This mission would not be possible without our smartest investment – the one we make in our employees. It’s why we’re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive.

For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock

BlackRock is proud to be an equal opportunity workplace. We are committed to equal employment opportunity to all applicants and existing employees, and we evaluate qualified applicants without regard to race, creed, color, national origin, sex (including pregnancy and gender identity/expression), sexual orientation, age, ancestry, physical or mental disability, marital status, political affiliation, religion, citizenship status, genetic information, veteran status, or any other basis protected under applicable federal, state, or local law. View the EEOC’s Know Your Rights poster and its supplement and the pay transparency statement.

BlackRock is committed to full inclusion of all qualified individuals and to providing reasonable accommodations or job modifications for individuals with disabilities. If reasonable accommodation/adjustments are needed throughout the employment process, please email Disability.Assistance@blackrock.com. All requests are treated in line with our privacy policy.

BlackRock will consider for employment qualified applicants with arrest or conviction records in a manner consistent with the requirements of the law, including any applicable fair chance law.