Information Security 12 Month Placement
Locations: Edinburgh, United Kingdom
Overview of Technology roles
At BlackRock, technology has always been at the core of what we do – and today, our technologists continue to shape the future of the industry with their innovative work. We are not only curious but also collaborative and eager to embrace experimentation as a means to solve complex challenges. Here you’ll find an environment that promotes working across teams, businesses, regions and specialties – and a firm committed to supporting your growth as a technologist through curated learning opportunities, tech-specific career paths, and access to experts and leaders around the world.
Job description
About this role
At BlackRock, information security is a top priority. The Information Security department is dedicated to maintaining the highest standards of security and compliance. We continuously evolve our practices to stay ahead of emerging threats and ensure the safety of our clients' information.
The Edinburgh Information Security Internships has opportunities across 6 distinct roles and is a rising tech hub that hosts one of the most diverse Cyber teams in the firm. These are 12 month full-time placement internship vacancies.
List your top 3 roles if applying for more than one role in your cover letter and/or CV.
1)Cyber Software Engineer
The software engineering team is a full stack software engineering team working on solving non-standard security risks along with cyber focused applications in Java and Angular or data engineering in Python. Your responsibilities will be to develop and maintain security solutions to enhance the firm’s security threat detection, compliance, entitlement management and audit assurance programs.
Job Purpose/Background:
You will be joining the Cyber Automation software engineering team as a full stack software engineer working on cyber focused web applications in Java/Angular or data engineering in Python.
Your responsibilities will be to develop and maintain security solutions to enhance the firm’s information security threat detection, compliance, entitlement management architectures and audit assurance programs. You will be working with agile delivery methodologies, communicating with project managers, stakeholders and lead engineers.
We're committed to your personal and technical growth, offering mentorship from a group of experienced, technically focused colleagues. You'll also participate in exciting learning opportunities, such as secure coding, hacker rank challenges, and cyber security workshops.If you're self-motivated, well-organized, and eager to dive into the world of cyber security, we want to hear from you! Join us for an enriching experience that will shape your career and contribute to the safety of our digital landscape.
Key Learning Outcomes:
Full stack development (front end & back end).
Designing and conceptualising options.
Developing, prototyping and implementation.
Working with clients to gather business requirements.
Writing and sharing test specifications.
Documentation and deployment.
Operating in an Agile environment.
Research & Development with new technologies.
Soft Skills:
Self-motivated and well organised.
Passionate about technologies and continually learn new technologies.
Strong ability to prioritise, manage and perform multiple tasks.
Curious and attentive to detail.
Able to work individually and within a team.
Excellent written and verbal communication skills.
Desirable Technical Skills:
Good understanding of Object Orientated programming.
Good understanding of writing/reading SQL statements.
Familiarity withUnix/Linux operating systems/commands.
Exposure to Wildfly web servers.
Experience working with source control such as git.
Testing technology like Junit, Jest and concepts such as mocking.
Programming Language Option 1:
Proficient in Java EE
with OpenJDK or similar
with Spring 4.0+ Framework
with Wildfly web servers (or similar)
with Angular 13+
Programming Language Option 2:
Proficient in Python
Exposure to Python frameworks like Django, Flask or Pyramid
Using Python in a security operations capacity
2)Cyber Data Protection
Data Protection safeguards BlackRock’s critical information assets by monitoring and investigating abnormal user activity. This is a fast-growing and specialist field, and an exciting opportunity to participate in a sought-after data loss prevention (DLP) and insider threat program.
Job Purpose/Background:
You will be joining the Information Security department as an intern with the opportunity to specialize in the Cyber Data Protection team. Cyber Data Protectionsafeguards BlackRock’s critical information assets by monitoring and investigating abnormal user activity. This is a fast-growing and specialist field, and an exciting opportunity to participate in a sought-after data loss prevention (DLP) and insider threat program.
Key Learning Outcomes
Incident detection, analysis and response
DLP concepts & tools
User Behavior Analytics (UBA)
User activity investigation
Regulatory standards & data privacy
SIEM
Cyber Security ethics & best practices
Soft Skills
Attention to detail
Problem-solving
Strong ability to prioritize, manage and perform multiple tasks
Able to work individually and within a team
Excellent written and verbal communication skills
Effective time management
Other Desirable Skills, Knowledge, and Experience:
Familiarity with information classification and handling concepts
General understanding of data disclosures and responsive measures
Basic understanding of operations
Confidence to engage colleagues across the firm and organizational hierarchy
The ability to communicate technical concepts to non-technical colleagues
Emotional intelligence, paired with strong oral and written communication skills
Thoroughness and attention to detail
3)Cyber Pen Testing
Dev Sec Ops are dedicated to securing our cutting-edge applications, ensuring the security and integrity of our internal or external software applications. You’ll gain hands-on experience with comprehensive code review tools and security testing. Your responsibilities will include performing static and dynamic code analysis, software composition analysis, and penetration testing to identify and resolve security vulnerabilities.
Job Purpose/Background:
This is an incredible opportunity to work with a global team dedicated to securing our cutting-edge applications.You'll play a crucial role in ensuring the security and integrity of our software applications, gaining hands-on experience with comprehensive code review tools and security testing.
Your responsibilities will include performing static and dynamic code analysis, software composition analysis, and penetration testing to identify and resolve security vulnerabilities.
We're committed to your personal and technical growth, offering mentorship from a group of experienced, technically focused colleagues. You'll also participate in exciting learning opportunities, such as secure coding, ethical hacking, and cyber security workshops.If you're self-motivated, well-organized, and eager to dive into the world of cyber security, we want to hear from you! Join us for an enriching experience that will shape your career and contribute to the safety of our digital landscape.
Key Responsibilities:
Dive into configuring and managing cutting-edge automated security testing tools to keep our codebase safe via pipelines.
You'll get hands-on experience with SAST/DAST/SCA to spot vulnerabilities in the source code.
Analyzing security scan results to pinpoint genuine issues.
Work closely with our development teams to offer practical and innovative remediation tips.
Document and report your findings, showcasing effective mitigation strategies to ensure we're always on top of security.
Unleash your creativity by building cool automation tools.
Grow your expertise through engaging secure coding sessions, hacking challenges, and cybersecurity learning opportunities.
Play a key role in our Bug Bounty program, helping us tackle issues swiftly and accurately.
Soft Skills:
Interested in technologies and continually learning new technologies.
Capable of prioritising, managing, and performing multiple tasks.
Attentive to detail.
Able to work individually and within a team.
Proficient in written and verbal communication.
Skilled in analytical and problem-solving tasks.
Desirable Technical Skills:
Familiarity with Java, C, C++, or .Net.
Strong understanding of Object-Oriented Programming.
Proficient in reading SQL statements.
Knowledgeable about ADO pipelines.
4) Cyber Security Operations
Security Operations play a critical role in monitoring, detecting, and responding to security incidents. You will have the unique opportunity to gain hands-on experience in the heart of our cyber security operations learning about network security, cyber vulnerabilities, forensics and threat techniques.
Job Purpose/Background:
You will be joining the Information Security department as an intern with the opportunity to specialize in the Security Monitoring (SOC) team. The SOC team plays a critical role in monitoring, detecting, and responding to security incidents. As an SOC intern, you will have the unique opportunity to gain hands-on experience in the heart of our cybersecurity operations.
Key Learning Outcomes
Incident detection and analysis
Suspicious email investigation
Vulnerability management
Sandboxing tools
SIEM
Brand protection
Cyber security best practices
Soft Skills
Attention to detail
Problem-solving
Strong ability to prioritize, manage and perform multiple tasks
Able to work individually and within a team
Excellent written and verbal communication skills
Effective time management
Other
Understanding of network protocols, firewalls, routers and network security principles to monitor and protect network infrastructure
General knowledge and hands on experience with cybersecurity endpoint, network, vulnerability, forensics and log management tools
Basic understanding of cybersecurity threats, trends, and attack techniques. MITRE ATT&CK framework and OWASP top 10
Familiarity with malware analysis tools and techniques to identify and analyze malicious software
Basic scripting skills (e.g., Python, PowerShell) to automate repetitive tasks and analyze data
Experience with SIEM technologies, such as Splunk or LogRhythm
5) Cyber Software Quality Assurance
Quality assurance test engineers work with the Cyber Automation team on cyber focused web applications where you will gain hands-on experience with various manual and automated testing tools. You will gain experience in identifying defects, problems or vulnerabilities within the targeted software.
Job Purpose/Background:
You will be joining the Cyber Automation software engineering team as a quality assurance test engineer working on cyber focused web applications gaining hands-on experience with various manual and automated testing tools.
Your responsibilities will be to ensure the quality and reliability of our products and services which willenhance the firm’s information security threat detection, compliance, entitlement management architectures and audit assurance programs. You will be working with agile delivery methodologies, communicating with project managers, stakeholders and lead engineers.
We're committed to your personal and technical growth, offering mentorship from a group of experienced, technically focused colleagues. You will have the chance to engage in learning activities, such as secure coding, hacker rank challenges, and cyber security workshops.If you'redetail-oriented, self-motivated, well-organized, and eager to dive into the world of cyber security, we want to hear from you! Join us for an enriching experience that will shape your career and contribute to the quality and safety of our digital landscape.
Key Learning Outcomes:
Assist in the development and execution of test plans and test cases.
Conduct functional, regression, and performance testing.
Identifypotential problematic areas within the software.
Identify, document and track defects through the whole development lifecycle.
Collaborate with developers and other stakeholders to ensure the product quality.
Opportunity to assist with code reviews to identifyadditional test cases.
Perform automated and manual testing as required
Contribute to the creation and maintenance of QA documentation
Assist in the continuous improvement of QA processes and methodologies
Soft Skills:
Self-motivated and well organised.
Strong analytical and problem-solving skills.
Great attention to detail.
Passionateabout and eager to learn new technologies.
Proactive in keeping up with the latest industry trends
Strong ability to prioritise, manage and perform multiple tasks.
Able to work individually and within a team.
Excellent written and verbal communication skills.
Desirable Technical Skills:
Basic understanding of Object Orientated programming.
Basic understanding of writing/reading SQL statements.
Basic understanding of testing frameworks such as Selenium
Understanding of the SDLC and QA methodologies.
Ability to produce detailed reports.
Experience with basic security testing is a plus.
6) Cyber Data Engineering
Cyber Security Data Analytics are responsible for data mining and development of data products using Python, SQL and business intelligence tools. The products developed and maintained by the team produce insights into an extensive dataset the company consumes and produces, proactively reducing the firm’s risk posture and enhancing insights across our security infrastructure.
Job Purpose/Background:
You will be joining the Cyber Security Data Analytics team as an analytics and engineer, responsible for data mining and developing of data product using Python, SQL and business intelligence tools.
The products developed and maintained by the team produce insights into an extensive dataset the company consumes and produces, proactively reducing the firm’s risk posture and enhancing insights across our security infrastructure.
You will be working in a fast-paced environment, leveraging agile methodologies. Your personal and technical growth is fostered under the mentorship of your colleagues. You will work directly with your colleagues, project leads, and stakeholders to build your understanding of the problem and determine the solution.
Key Learning Outcomes:
Data Engineering in Python and SQL.
Developing, prototyping and implementation in hybrid cloud technology stacks.
Dashboard development in code and business intelligence tools (Tableau/PowerBI).
Working with clients to gather business requirements.
Documentation and deployment in an Agile environment.
Learning how to stay on-top of evolving technologies.
Soft Skills:
Self-motivated and well organised.
Passionate about and continually learning new technologies.
Strong ability to prioritise, manage and perform multiple tasks.
Curious and attentive to detail.
Excellent written and verbal communication skills.
Desirable Technical Skills:
Good understanding of writing/reading SQL statements.
Familiarity with Python.
Familiarity with Business Intelligence tooling (Tableau, Grafana and/or PowerBI).
Familiarity with Unix/Linux operating systems/commands.
Experience working with source control such as git or ADO.
Our benefits
To help you stay energized, engaged and inspired, we offer a wide range of employee benefits including: retirement investment and tools designed to help you in building a sound financial future; access to education reimbursement; comprehensive resources to support your physical health and emotional well-being; family support programs; and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about.
Our hybrid work model
BlackRock’s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person – aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock.
About BlackRock
At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children’s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress.
This mission would not be possible without our smartest investment – the one we make in our employees. It’s why we’re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive.
For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock
BlackRock is proud to be an Equal Opportunity Employer. We evaluate qualified applicants without regard to age, disability, race, religion, sex, sexual orientation and other protected characteristics at law.
R250910
BlackRock Principles
We look to hire people that will embody our BlackRock Principles:
-
We are a fiduciary to our clients.
This is the bedrock of our identity; it reflects our integrity and the unbiased advice we give our clients.
-
We are One BlackRock.
We work collaboratively to create the best outcomes for our clients, our firm and the communities where we operate.
-
We are passionate about performance.
We are relentless in innovating and finding better ways to serve our clients and improve our firm.
-
We take emotional ownership.
We have a deep sense of responsibility to our clients and to each other.
-
We are committed to a better future.
We are long-term thinkers, focused on helping people build a better tomorrow.
Career path
We recognize that our technologists benefit from a tailored approach to navigating and advancing their careers in the ways they envision. Our tech career paths are specifically built to support vertical and horizontal trajectories – including Enterprise Leadership (team manager) and Tech Leadership (individual contributor) ‘tracks’ as well as various other career moves.
-
Engineer I (Analyst)
-
Engineer II/III (Associate)
-
Senior Engineer I/II (Vice President)
-
Lead Engineer
(Vice President)Engineering Team Manager
(Vice President) -
Principal/Sr. Principal
Engineer (Director)Engineering Team Director/ Sr. Engineering Team Director -
Managing DirectorManaging Director
-
TECH
LEADERSHIPENTERPRISE
LEADERSHIP
Benefits
We care about your overall well-being and design our benefits package to support you in various aspects of your life.
-
Financial well-being
We offer resources designed to help you build a sound financial future for you and your family, like retirement savings plans and tuition reimbursement.
-
Pay for performance
Our pay-for-performance philosophy includes a base salary and a discretionary annual bonus.
-
Physical well-being
Our healthcare plans and resources help you focus on your physical health, so you and your family can feel your best.
-
Emotional well-being
We support our people's mental health and emotional well-being by providing access to an Employee Assistance Program and a network of Mental Health Ambassadors.
-
Life management
You'll be able to focus on moments that are important to you with benefits designed to support life in and outside of work with Flexible Time Off, parental leave and more.
Lorem Ipsum dolor sit
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
From Hackathon to Higher Ed: The BlackRock for Universities Story BlackRock for Universities began as Sam Konigsberg's hackathon idea in 2019. It became a reality, providing students with industry-leading tools for better portfolio management. By integrating Aladdin, students can analyze their portfolios more effectively, focusing on risk and intentionality, thus bridging the gap between academic learning and professional investment practices.
-
Navigating Internal Mobility? Here’s What Worked for These BlackRock Leaders You may not always be sure when – or how – to make your next career move, whether that means switching to a different team, advancing beyond your current position, or both. But you do know when it’s time for a change, usually once you’ve outgrown a job. And that’s why your next steps can be crucial to establishing an exciting long-term career.
-
What Does a Tech Career at BlackRock Look Like? BlackRock’s tech careers offer diverse and dynamic opportunities with personalized career paths and continuous learning. Deval Patel, Ozen Hussein and Mike Bowen share their stories of growth and innovation.
-
-
-
-
-
-
MBA Recruiter Shares Insights on Getting Hired at BlackRock
-
How BlackRock Prioritizes Career Growth
-
3 Simple Steps to Build Resilience
-
Barbara Novick: Founder and Role Model
-
From Innovative Tech to Inclusive Teams
-
Gives Network Empowers Employees to Be a Local Force for Good
-
Hacking with Purpose
-
How Pui Ian Tong and Her Team are Helping Grow Aladdin in Singapore and Beyond
-
In This Software Developers Role, Tech and Finance go Hand in Hand
-
How This Fintech Company's Employee Networks Help Recent Grads Thrive
-
Innovation Spotlight on Belgrade: Our 2021 Hackathon Winners
-
Celebrating Interational Women's Day at BlackRock
-
Supporting and Honoring our Veterans Around the Globe
-
What Mentorship Means in Today's World
-
Samara Cohen: BlackRock's Newly Named Chief Investment Officer of EII
-
At BlackRock, You Can Change Career Paths Without Leaving the Company
-
"There Are Seats at the Table for Everybody" -- How This Fintech Is Championing Women Leaders
-
From Passion to Purpose: How This Associate Influenced BlackRock's Investment in Renewable Energy
-
Meet the Data Scientist Behind Out & Allies’ Mentorship Algorithm
-
Up and Out: A Conversation with LGBTQ+ Leaders at BlackRock
-
Social Impact Codeathon 2021: Solving Challenges for the Atlanta Community
-
Here's Why This Vice President Never Stops Investing in Herself Narinder found a way to invest in herself at BlackRock, where internal mobility is greatly valued. background in finance and a clear goal. being in a client facing role
-
Meet our London-based Chief Investment Officer, Simona Paravani-Mellinghoff
-
A Conversation With Atlantans Who Are Building Our iHub in Atlanta
-
How Building a Latinx Community at BlackRock Helped These Employees Thrive
-
“You’re in the Driving Seat:” How This VP in Edinburgh Has Grown Her Career at BlackRock
-
How the Belgrade Social Impact Team is Making a Difference Through Mentorship
-
How This Associate Designed a Career Path Toward Her Perfect Role at BlackRock
-
How BlackRock's Tech Pathways Helped This Software Engineer Thrive
-
What Forged a Bond Between the Madrid Team and a Local Nonprofit (Answer: Cake!)
-
Meet Ifeoma (Ify) Ezike The Science Graduate Who Pivoted to Become a Leader in Finance
-
How This BlackRock Trader Is Destigmatizing Mental Health at Work
-
Circling Back With Jennifer McGovern - a BlackRock 'Boomerang'
Stay in the know
Sign up to get information on open roles, upcoming events and life at the firm – straight to your inbox.