Director, Technology Risk Management

About this role

Title: Director, Operational Risk - Technology and Cybersecurity Risk Management (NYC)

We are looking for an experienced individual to join the Technology Risk team based in New York.

Job Description

BlackRock is one of the world’s preeminent asset management firms and a leading provider of investment management, risk management, and advisory services to diverse investors globally. BlackRock offers our clients a range of solutions, from rigorous fundamental and quantitative active management strategies to highly efficient index strategies for broad exposure to the world’s capital markets. Our clients access our investment solutions through a variety of products, including individual and institutional separate accounts, mutual funds, other pooled investment vehicles, and the industry-leading iShares® ETFs.

Business Overview

Understanding and managing risk is the cornerstone of BlackRock’s approach to responsible investing.  BlackRock’s Risk & Quantitative Analysis (RQA) group’s mission is to advance the firm’s risk management practices and to deliver independent risk expertise and constructive challenge to drive better business and investment outcomes.  RQA promotes BlackRock as a leader in risk management by providing independent top-down and bottom-up oversight to help identify investment, counterparty, operational, regulatory, technology, and third-party risks.

RQA is committed to investing in our people to increase both individual enablement and a strong collaborative environment. As a global group located all around the world, our goal is to create a culture of inclusion which encourages teamwork, innovation, diversity and the development our future leaders.  We actively engage in discussions on career growth and work with team members to understand how personal passions and strengths connect with our purpose.

Technology Risk Management

Technology Risk Management (TRM) is an integral part of the RQA Enterprise Risk Management group. As a second line of defense function, our mission is to help ensure senior management has defined technology controls that protect our clients, our firm and support the achievement of firm-wide business goals within our risk tolerance. TRM partners with senior management, Aladdin Product Group and Technology leadership, Information Security, Operational Risk and other control functions to achieve this mission.

The ideal candidate for this position must be a dynamic, flexible and creative leader, with experience in technology and enterprise risk management and financial services. The candidate must have strong presentation, communication, stakeholder management and proven leadership skills in order to successfully navigate across different levels of the BLK and client organizations. The candidate must also be able to work cross functionally across enterprise risk disciplines. 

Key Responsibilities:

• Help lead the global second-line Technology and Cybersecurity Risk management organization with strategic direction, including setting vision for the Technology Risk Management framework across the three lines of defense.
• Represent second-line Technology and Cybersecurity Risk organization across multiple BlackRock regulated entities, including ongoing regulatory engagement, targeted exams, senior management and board-level interactions.
• Collaborate closely with senior technology leadership, including the heads of Aladdin Engineering, Technology, Internal Audit, the CISO, and other executives to integrate risk management into business processes.
• Establish and oversee the application of operational risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks.
• Leverage strong technical and interpersonal skills to successfully partner with technologists and software owners to identify potential concentrations of elevated risk and perform independent assessments of mitigating controls.
• Provide thought leadership to drive strategic risk reduction efforts for technology and cybersecurity related matters through proactive risk identification, analysis and response.
• Spearhead corporate enterprise risk initiatives and processes that have a technology component. Contribute to the development of the Enterprise Risk Management (ERM) program as part of the ERM leadership team and represent Technology Risk in formal risk governance. (e.g., boards, risk committees, steering groups)
• Set direction and provide strategic oversight of periodic and thematic risk assessments to execute continuous control monitoring; detail potential control gaps and questions, conduct business engagement meetings and follow-ups throughout the year. 
• Spearhead the second-line effort to enhance the design of global technology metrics, perform data and trend analysis, and produce monthly KRI and KPI metric reports.
• Stay updated on global technology related regulations, industry standards, emerging trends, and other best practice guidance related to Technology Resilience, Cybersecurity, Artificial Intelligence and Operational Resilience.
• As a people manager, oversee talent sourcing and development, promote diversity, inclusion and equity and provide ongoing coaching and performance feedback.

Qualifications:

• Minimum 10 years of experience working in a Technology Risk, IT Audit, Information Security or related field (Asset Management or Banking industry experience preferred)
• Demonstrated experience in industry leading practices and control frameworks, such as COBIT, NIST CSF, ISO 27001 as well as regulatory requirements, such as DORA, GDPR, GLBA and CCPA. 
• Proven track of credible engagement with senior management, boards of directors and regulators.
• Deep understanding of software design, distributed systems, technology infrastructure, data security principles, SDLC, and/or technology operations (hands on experience preferred)
• Demonstrable ability to analyze and monitor risk control issues through to resolution
• Proven leadership, program management, relationship-building analytical and organizational skills
• Effective communication and stakeholder influencing skills
• Proven leadership skills with experience in managing large-scale risk management programs and cross-functional teams as well as developing effective organizational dynamics across teams and regional locations.
• Strong Microsoft Office skills (including Microsoft Excel, PowerPoint, and Word) as well as familiarity with GRC tools; experience with data analytics and presentation tool preferred.
• Bachelor’s degree required

For New York City only: The salary range for this position is $190,000 - $240,000. Additionally, employees are eligible for an annual discretionary bonus, and benefits including heath care, leave benefits, and retirement benefits. BlackRock operates a pay-for-performance compensation philosophy and your total compensation may vary based on role, location, and firm, department and individual performance.

Our benefits

To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about.

Our hybrid work model

BlackRock’s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person – aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock.

About BlackRock

At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being.  Our clients, and the people they serve, are saving for retirement, paying for their children’s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress.

This mission would not be possible without our smartest investment – the one we make in our employees. It’s why we’re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive.

For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock

BlackRock is proud to be an Equal Opportunity and Affirmative Action Employer.  We evaluate qualified applicants without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, disability, protected veteran status, and other statuses protected by law.

BlackRock will consider for employment qualified applicants with arrest or conviction records in a manner consistent with the requirements of the law, including any applicable fair chance law.