Information Security Audit Associate recruitment
BlackRock's Internal Audit Group is an independent global function responsible for providing assurance and advisory services covering all of Company's businesses and operations. Audit is a critical component of BlackRock's control and risk management infrastructure. The group seeks to attract and develop best-in-class talent from multi-disciplinary backgrounds including asset management, finance, technology, risk management, accounting, and operations. Successful professionals in the group will demonstrate a strong understanding of the asset and risk management businesses, build strong working relationships with business partners, and deliver value-added services which strengthen the risk and control environment.
BlackRock's Technology Audit Team is based in New York, Princeton, San Francisco, London and Singapore.
Role Description
The Information Security Audit Associate will be involved in various aspects of the Audit group's risk assessment, assurance and advisory activities with a particular focus on providing assurance over the firm's information security control environment.
Responsibilities:
- Participation in projects aimed at optimizing technology control activities and processes
- Assistance in the risk assessment of selected information technology and business units
- Identify key control issues and emerging risks; work with management to ensure timely and effective remediation
- Build strong relationships with the information security team and other business partners
- Collaborate with other corporate risk and control functions to ensure activities are coordinated
Skills and Experience:
- Information security experience and a good understanding of information security frameworks such as the ISO/IEC 27000 series and NIST
- Strong understanding of network perimeter defenses and penetration testing, internal system hardening network scanning tools and practices, intrusion detection systems, and security incident and event management processes
- Strong understanding of security controls over areas such as data protection, identity and access management solutions, virtualization and remote access technologies
- Strong project management, organizational skills and presentation skills
- Excellent communication (verbal, written, and listening) and interpersonal skills
- Strong critical thinking and problem solving abilities
- Aptitude towards investment and risk management, scenario analysis and problem solving
- Ability to develop and maintain effective working relationships with business management
- Financial services experience is preferred; understanding of asset management products, business processes and systems
- Professional certifications such as CISA, CISM, CRISC or CISSP
- Undergraduate or graduate degree in management information systems, engineering or a technology field is preferred. BA/BS is required
BlackRock is proud to be an E-Verify Equal Opportunity/Affirmative Action Employer--M/F/D/V.
Skills
BlackRock is one of the world's preeminent asset management firms and a premier provider of global investment management, risk management and advisory services to institutional, intermediary and individual investors around the world. BlackRock offers a range of solutions -- from rigorous fundamental and quantitative active management approaches aimed at maximizing outperformance to highly efficient indexing strategies designed to gain broad exposure to the world's capital markets. Our clients can access our investment solutions through a variety of product structures, including individual and institutional separate accounts, mutual funds and other pooled investment vehicles, and the industry-leading iShares® ETFs.