Technology Audit, Associate

Internal Audit’s primary mission is to provide assurance to the Board of Directors and Executive Management that BlackRock’s businesses are well managed and meeting strategic, operational and risk management objectives. The team engages with senior leaders and all of BlackRock’s individual business units globally to understand and advise on the risks in their business, evaluate the effectiveness of key processes and assist in the design of best practices that can improve their results. Internal Audit reports directly to the Audit Committee of the Board of Directors, and our work builds confidence that BlackRock will meet its obligations to clients, shareholders, employees and other stakeholders.

Technology Audit

The Technology Audit Team, also in the US, Europe and Asia, performs design review and testing related to technology controls across application systems and infrastructure components such as databases, operating systems, data centers and messaging platforms.

BlackRock's first international office, Edinburgh has been a key part of BlackRock's success for over 25 years and a hub for the UK asset management industry.  An operational Centre of Excellence, bringing together talent and technology across Investments, Aladdin, Operations and Corporate functions to drive growth and development in the region. The Edinburgh office is known for its culture of diversity and is rooted in the local community and economy. 

Technology Audit Associate Responsibilities & Qualifications

Specific responsibilities include:

• Engaging BlackRock stakeholders to understand and identify key processes and risks within a specific business unit or technology

• Contribute to the risk-based decision making of audit scope

• Reviewing, testing, and assessing the effectiveness of technology controls in business-integrated audits in which there is close interaction between business and technology partners.  This role also includes technology-led audits across all aspects of information technology including cybersecurity, software, hardware, database, messaging, network and cloud

• Identifying and escalating issues identified during testing

• Overseeing issue remediation

• Identifying emerging firm-wide and business risks, understanding organizational changes through periodic engagements with business units, and completing risk assessments of these areas

• Contributing to global department-wide initiatives

Education and Experience

• Undergraduate or graduate degree in management information systems, engineering, technology, computer science or a related field is preferred. BA/BS or equivalent is required.

• At least 3 years in a technology audit and/or technology risk management function, preferably within the Finance Industry.

• Familiarity with financial instruments and asset management processes.

• Knowledge of regional and global regulatory requirements.

Technology Skills

• Relevant professional certifications are a plus (e.g., CISA, CISM, CRISC, CEH).

• Strong understanding of application development, databases, operating systems, networking and other key technology infrastructure components.

• Knowledge of ISO, ITIL and COBIT

• Knowledge of technology controls including application security management, system architecture and design, technology operations, and technology governance.

Soft Skills

• Intellectual curiosity, critical thinking and problem solving.

• Commitment and strong work ethic.

• Excellent communication (verbal, written, listening) and interpersonal skills.