Thematic Risk Assessment, RQA, Analyst

Business Overview

Understanding and managing risk is the cornerstone of BlackRock’s approach to responsible investing. The Risk & Quantitative Analysis (RQA) group provides independent oversight of BlackRock’s fiduciary and enterprise risks. Our mission is to advance the firm’s risk management practices and to deliver independent risk expertise and constructive challengesto drive better business and investment outcomes. RQA promotes BlackRock as a leader in risk management by providing independent top-down and bottom-up oversight to help identify investment, counterparty, operational, regulatory, technology, and third-party risks.

RQA is committed to investing in our people to increase both individual enablement and a strong collaborative environment. As a global group located all around the world, our goal is to create a culture of inclusion which encourages teamwork, innovation, diversity, and the development of our future leaders.  We actively engage in discussions on career growth and work with team members to understand how personal passions and strengths connect with our purpose.

Who We Are 

The Thematic Risk Assessment team sits within the Enterprise Risk Management group (a Second Line of Defense function) and has enterprise-wide coverage through its risk and control assessment programs. The team’s Book of Work iscrucialto both the “true-up” understanding of our enterprise risk and control landscape and facilitating the timely identification, analysis and treatment of gaps. These help provide assurance that senior management has defined and implemented controls that protect our clientsandfirm, and support the achievement of firm-wide businessgoals within our risk tolerance. We strive to help senior management close the last mile with risk insights that are timely, reliableand trackable.

What You Will Be Doing:  

Your primary responsibilities include: 

• Perform independent evaluations of businesses’risk and control self-assessments and risk management strategies, and independent data metrics (e.g. business risk indicators and potential loss events) to identify recurring risk themes and control weaknesses.

• Perform and support end-to-end targeted assessments of enterprise risk themes (e.g. order processing & management risk, concentration risk and technology risk) to uncover systemic patterns, blind spots and early-warning indicators, including independent testing of operating controls against industry standards and internal policies and standards.

• Identify and analyze cross-functional risk issues to facilitate consistent and sustainable control improvements firmwide.  

• Collaborate with cross-functional teams to ideate, develop and implement pragmatic actions that address thematic risk gaps that were identified. 

• Build and maintainan internal repository to ascertain and quantify the potential risks of identified enterprise risk themes using tools such as (but not limited to) Python, Power BI, Excel, and SQL.

• Prepare detailedassessment reports highlightingrisk priorities and control deficiencies or design gaps,and proposingpragmatic recommendationsfor remediation. 

• Support continuous improvements to enterprise risk and control assessment programs. 

What We Look For:  

The successful candidate should have a keen interest in performing risk and control assessments, analyzing data, identifying and managing risks, performing data visualization, and proposing pragmatic remedial measures for a robust control environment. 

• 1-3 yearsof practical experience in Enterprise Risk Management &/or Assessment, Control Testing (Operational; Technology), Risk &/or Compliance, Data Analytics, or Audit (experience earned in Asset Management or Banking industry is preferred).

• Demonstrable ability to identify and analyze risk and control issues, challenge the status quo and work with cross-functional and international teams to ideate pragmatic solutions that strengthen the risk and control environment. 

• Good understanding of industry-leading practices and control frameworks (e.g. CRI Profile, NIST CSF, COSO ERM Framework, ISO 27001, SOC 2, SWIFT CSP, and COBIT). 

• Experiencedin data science &/or analytics, with demonstrable proficiency in tools such as (but not limited to) Python, PowerBI, Excel, and SQL. 

• Strong attention to detail,balanced stakeholder management approach, good listener, and strong communicationskills.Team-oriented personality with ownership and accountability mindset.