Head of Applications Audit recruitment
BlackRock's Internal Audit Group is an independent
global function responsible for providing assurance and advisory
services covering all of Company's businesses and operations.
Audit is a critical component of BlackRock's control and risk
management infrastructure. The group seeks to attract and
develop best-in-class talent from multi-disciplinary backgrounds
including asset management, finance, technology, risk management,
accounting, and operations. Successful professionals in the
group will demonstrate a strong understanding of the asset and risk
management businesses, build strong working relationships with
business partners, and deliver value-added services which
strengthen the risk and control environment.
BlackRock's Technology Audit Team is based in New York, Princeton,
San Francisco, London and Singapore.
Role Description
The VP / Director - Head of Application Audit will be responsible
for continuing to develop an audit process which drives value added
and impactful assurance over all aspects of the firm's technology
application suite, including its global, integrated investment
platform, Aladdin. This role will play a meaningful part in
the evolution of the 'integrated' audit approach by which
technology risks and controls are evaluated concurrent with audits
of business functions. The candidate will report to the
Audit Director of Global Technology in New York. Some travel
will be required, approximating 20%.
Responsibilities:
The VP / Director - Head of Application Audit will play a leading
role within the global technology audit team and will be expected
to contribute significantly to strategic planning, process
innovation, and assurance/advisory project execution of the Global
team. Specific responsibilities will include:
- Developing the design and execution of the global application
audit strategy including the integrated audit approach - Oversight and supervision of integrated and application audits
and pre-implementation reviews - Project managing and supporting audit reviews aimed at
optimizing technology control activities and processes - Assistance in the risk assessment of selected applications,
initiatives and business units - Identify key control issues and emerging risks; work with
management to ensure timely and effective remediation - Build strong relationships with the application development
leadership team and other business partners - Collaborate with other Corporate risk and control functions to
ensure activities are coordinated - Provide timely and candid feedback and coaching to staff
- Effectively manage resources to optimize productivity, meet
training and development needs, and deliver high quality, value
added assurance and advisory services
Skills and Experience:
- More than 10 years' experience of application audit in the
financial services sector - Experience of web and native application development
technologies, such as: -
- Programming experience, e.g., C++, Java
- Scripting experience, e.g., Perl, Python, Ruby
- Experience with frameworks such as JBoss, Hibernates, Swing,
JSP - SQL experience with a major database such as MySQL, Postgres,
MS SQL, Sybase, Oracle
- Strong application development, systems implementation and
application project management experience - Strong understanding of security principles such as defense in
depth - Strong understanding of application controls, data management
principles, segregation of duties principles, application
configuration and interfaces - Experience in the identification and remediation of
security bugs in the OWASP Top 10 or SANS Top 25 is preferable - Understanding of asset management products, business processes
and systems preferable - Undergraduate or graduate degree in management information
systems, engineering or a technology field is preferred.
BA/BS is required - Strong project management, organizational skills and
presentation skills - Experience managing teams of skilled professionals
- Excellent communication (verbal, written, and listening) and
interpersonal skills; strong writing skills, particularly as
related to audit reports and management presentations - Ability to develop and maintain effective working relationships
with executive management and external regulators - Understanding of best practice control frameworks such as
CoBIT, OWASP, ISO, ITIL and COSO - Professional certifications such as CISA, CIA and secure
application development certification such as CSSLP or GSSP are
preferable
BlackRock is proud to be an E-Verify Equal
Opportunity/Affirmative Action Employer--M/F/D/V.
Skills
BlackRock is one of the world's preeminent asset management
firms and a premier provider of global investment management, risk
management and advisory services to institutional, intermediary and
individual investors around the world. BlackRock offers a range of
solutions -- from rigorous fundamental and quantitative active
management approaches aimed at maximizing outperformance to highly
efficient indexing strategies designed to gain broad exposure to
the world's capital markets. Our clients can access our investment
solutions through a variety of product structures, including
individual and institutional separate accounts, mutual funds and
other pooled investment vehicles, and the industry-leading iShares®
ETFs.