DescriptionAbout this role
The Cybersecurity Governance team acts as a trusted risk advisor for the Global Information Security department and a liaison with Internal Audit, External Audit and Regulators.
Identify, understand and interpret key regulatory and framework mentorship for cloud cybersecurity controls. As an Information you will:
What you'll need:
- Coordinate assessments against key regulatory and framework guidance for cloud cybersecurity controls.
- Build and improve presentations for senior and executive management, clients and regulators.
- Provide feedback to Technology Risk and Internal Audit on their cybersecurity opinions.
- Maintain Information Security program documents that describe the function.
- Support regulatory developments, including supervising new regulations, preparing actions for new regulatory requirements, presentations, meetings, note-taking, summary reports to management.
- Support Internal Audit activities to guide auditors and control owners to controls that are effective in mitigating risks, efficient, balanced and pervasive where applicable.
- Evaluate third party assessments of the Information Security function.
- Maintain cybersecurity threat, Risk and control taxonomy.
- Support the cybersecurity metrics program.
- Review internal and external communications related to cybersecurity.
- Update cybersecurity policies and standards.
- Maintain the list of key cybersecurity gaps.
- Engage in cybersecurity control improvements.
- 7+ years in Information Security, IT Risk, IT Governance or IT Audit role in a financial services company.
- experience dealing with regulators, external and internal audit.
- experience with information security management frameworks (e.g., IS027000, NIST 800-53, etc.)
- Familiarity with CSA CCM framework and Zero Trust principles
- Strong documentation and process oriented background with leading and managing complex Technology projects.
- An ability to effectively influence others to account for the plans and collaborative behaviors for results.
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and measurable manner.
- An ability to identify and assesses the cybersecurity threats, risks and controls to efficiently mitigate risks.
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA) certifications are plus
- BS or MA in Business, Computer Science, Information Security, or a related field.
To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about. About BlackRock
At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children's educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress.
This mission would not be possible without our smartest investment - the one we make in our employees. It's why we're dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive.
For additional information on BlackRock, please visit careers.blackrock.com
| Instagram: @blackrock
| Twitter: @blackrock
| LinkedIn: www.linkedin.com/company/blackrock
BlackRock is proud to be an Equal Opportunity and Affirmative Action Employer. We evaluate qualified applicants without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, disability, protected veteran status, and other statuses protected by law.
BlackRock will consider for employment qualified applicants with arrest or conviction records in a manner consistent with the requirements of the law, including any applicable fair chance law.