VP, Information Security
SH7 - Azia Center, 1233 Lujiazui Ring Road, Unit 701B - 702, 703, 704 Shanghai, Pudong, China
BlackRock
Seit über 30 Jahren arbeitet BlackRock daran, die Wirtschaft zu stärken und Anlegern zu ihren finanziellen Zielen zu verhelfen.About this role
BlackRock China Fund Management Company (FMC):
BlackRock’s purpose is to help more and more people experience financial well-being and the firm has a long history of investing in and serving investors in China. BlackRock aspires to become the leading global asset management firm operating in China and is committed to contributing to the long-term development of the local asset management industry. BlackRock China Fund Management Company, a Shanghai-based wholly-owned subsidiary of BlackRock, aims to extend its asset and risk management expertise and offer Chinese investors innovative and diversified mutual fund products and investment solutions to help transform more cash savers into long-term investors.
About this role:
Reporting into the Chief Technology Officer, the Information Security Officer will lead all aspects of the management of the FMC’s information security program in China, alongside direct accountability for system access management.
Responsibilities
In partnership with the Chief Technology Officer and regional BlackRock Information Security group, the individual will:
- Be responsible for providing information security leadership in the FMC, driving security activities and projects, as well as developing and optimizing the FMC’s capabilities across core disciplines of Information security
- Information Security Governance and Reporting
- Cyber Security Operations Management, in partnership with BEM
- Security Risk Assessments and Vulnerability Management
- Application Security
- Maintain and evolve security policies and standards for the WMC, in conjunction with evolving regulatory and operational security requirements
- Provide security advisory to Business and IT partners in the development of security controls and solutions to manage cyber risks for the firm
- Identity and Access Management, including privilege access management
- Compliance to regulatory security requirements
- Take on the pivotal role in overseeing and governing the IAM program spanning the realms of identity & access governance, entitlements recertification's and associated identity & access lifecycle management procedures. The individual will also be required to guide the IAM Program Lead and provide support in administering the access rights to China FMC employees for required access to core systems where the need arises.
- Other responsibilities of the individual include:
- Cyber Specialists Management: Responsible for leading the team of cyber specialists in the FMC to ensure that all operational security requirements of the FMC are met, in conformance to the FMC’s security policies and compliance obligations.
- Security Incident Management: Responsible for the management of all information security related events in the firm, partnering with senior stakeholders to ensure timely reporting, escalations and closeout
- Metrics and Reporting: Deliver Information Security dashboard and metrics, covering AIM and other program areas to the CTO and the FMC committees on a periodic basis, to report on the state of the security program.
- Employee Awareness Training: The successful candidate will also lead the information security awareness program to ensure staff are trained on policy and compliance requirements
Requirements:
- At least 10 years of full-time work experience in information security management and/or related functions (Technology Risk Management, Technology Infrastructure Management) with information security management qualifications such as CISSP, SANs, CRISC, CISM etc.
- Knowledge of enterprise technology platforms, from the desktop through to back end infrastructure would be considered an advantage
- Exceptional interpersonal skills with ability to communicate with senior leaders and technology teams alike.
- Ability to work independently and adapt to changing business priorities
- Detail oriented individual, with a keen eye towards details
- Experience and good knowledge of Identity Governance and Identity Lifecycle management
- Proficiencies in one or more of the following technical IT security domains or equivalent: Network Security, Cloud Governance, Cyber Operations, Forensics, Access and Identity Management Governance etc.
- Knowledge of domestic China cyber and technological regulations, or experience in dealing with regulators and clients in relation to cybersecurity focused topics during regulatory examinations or client due diligence sessions will be a plus
- Strong proficiencies in both English and Mandarin (Verbal/Written)
- Hands-on team leadership and management experience, ideally coupled with suitable management qualifications
Our benefits
To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about.
Our hybrid work model
BlackRock’s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person – aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock.
About BlackRock
At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children’s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress.
This mission would not be possible without our smartest investment – the one we make in our employees. It’s why we’re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive.
For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock
BlackRock is proud to be an Equal Opportunity Employer. We evaluate qualified applicants without regard to age, disability, family status, gender identity, race, religion, sex, sexual orientation and other protected attributes at law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security CISM CISSP Cloud Compliance CRISC Finance Forensics Governance IAM Network security Risk assessment Risk management SANS Vulnerability management
Perks/benefits: Career development Flex hours Flex vacation Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.