Vacancy expired!
- Cyber Operations which provides global 24x7 operation center responsible for cyber monitoring, incident response, cyber intelligence, cyber forensics and vulnerability management. Also responsible for coordinating firm-wide functional engagement and escalation of cyber security issues and delivering firm-wide awareness of cyber security issues
- Cyber Risk Assessments & Governance which assesses cyber risk in our environment through governance, risk and compliance. This includes leading all aspects of a penetration testing program, reducing vulnerabilities, and partnering with vendor management to assess supplier cyber risk.
- Cyber Architecture Services which is responsible for analyzing and assessing cyber architecture and new technologies in addition to defining the platform security standards and delivering cyber analytics
- Cyber Analytics which develops quantitative processes and solutions to measure, automate, and model Information Security controls.
- Access & Identity Management which delivers Identity Management, and Access automation in support of Aladdin and in partnership with Human Resources for joiners / movers and leavers
- Conducting internal cyber risk assessments of the Firm's mission critical information assets, associated workflows, and/or systems storing, processing, or transmitting mission critical information
- Supporting the development of tabletop-style exercises ("cyber wargames") designed to stimulate incident response activities within BlackRock, or in partnership with service providers and third-party incident response teams
- Assisting with the design of Control Action Plans to close gaps identified during cyber risk assessments and cyber wargame activities
- Tracking Control Action Plans to closure through consistent and timely engagement of issue owners and key stakeholders
- Effectively communicating with InfoSec management and regional senior management to champion the cyber security program and ensure timely notification and updates on information security incidents
- Delivering timely and detailed documentation related to any incident or Wargame exercise including recording the findings, tracking follow-up activities, and reporting on progress and providing metrics
- Participating in cyber threat hunts in support of the global cyber operations function
- Participating in the creation, modification and maintenance of all Cyber Monitoring policies and procedures
- Keeping abreast of cyber security trends and the emerging threat landscape in general and as it relates to BlackRock
- Proven ability to lead independent risk assessments
- Familiarity with information security control frameworks (ex. ISO, NIST, PCI DSS); ability to develop control improvement recommendations aligned with industry best practice
- Excellent communication skills
- Strong program management and organizational skills
- Strong analytical skills
- Technical fluency; ability to synthesize and evaluate complex business workflows and their underlying infrastructure
- Excellent attention to detail
- Minimum of 5-10 years Information Security industry experience is preferred
- Knowledge of system security architecture and security solutions - IDS, Splunk, data loss prevention, next generation anti-malware, etc.
- Knowledge of networking fundamentals (TCP/IP, Network Layers, etc.)
- Knowledge of malware operation and indicators
- Knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
- Knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM, DLP, Proxy, next gen anti-malware etc.)
- Knowledge of Firewall and Proxy technology
- Knowledge of penetration techniques
- Sophisticated incident investigation and response skill set
- Background in third party security, audit, or technology risk function is preferred
- Integrity and the highest ethical standards
- Quickly adjusts sophisticated data and information and displays a developed learning agility
- Self-starter with the personal aim to achieve superior performance
- Courage of convictions and the ability to respectfully debate the status quo
- Natural curiosity and desire to always learn
- Reliability - we have a strong track record of delivery. This means successfully meeting aggressive milestones throughout the year, in addition to having one another's backs while doing so.
- Innovation - as a hub for creative solutions generation at the cutting edge of BlackRock Information Security's capabilities, we value the opportunity to solve paradoxical problems (e.g., those characterized by competing business and security objectives).
- Collaboration - we adapt a globally-minded approach to connect diverse stakeholders across the Firm and the sector to drive meaningful change at scale.
- ID: #44650444
- State: New York New york city 10022 New york city USA
- City: New york city
- Salary: USD TBD TBD
- Job type: Permanent
- Showed: 2022-08-06
- Deadline: 2022-10-04
- Category: Et cetera