Director, Third Party Risk Management
About This Role
The Risk & Quantitative Analysis (RQA) group provides independent oversight of BlackRock’s fiduciary and enterprise risks. RQA’s mission is to advance the firm’s risk management practices and deliver independent risk advice and constructive challenge to drive better business and investment outcomes. While fulfilling this mission, RQA provides quantitative analysis and evidence-based insights to many of BlackRock’s businesses, helping to promote the spread of best practices across the firm.
Third Party Risk
Third Party Risk Management works with internal and external business and risk partners to identify the risks that existing, and potential, third parties introduce to BlackRock and our clients, and assess controls to mitigate those risks through initial and ongoing due diligence, incident management and performance monitoring. BlackRock’s third parties include fund operations providers, technology vendors, index and market data providers, distributors and real asset service providers where BlackRock owns or is responsible for operating a physical asset.
Key Responsibilities
- Own the firm’s framework and policy for managing third party risks, with a particular focus on resilience-related risks for critical third parties.
- Collaborate with internal business stakeholders, including risk partner and enterprise vendor governance teams, to monitor, escalate and oversee the remediation of third-party risk issues identified.
- Represent BlackRock’s third party risk program to relevant regulators (e.g. OCC).
- Lead Third-Party Risk Management for Americas region.
- Develop a testing program to challenge third-party risk management resilience-related processes and controls across the business to help identify vulnerabilities with critical third party and counterparty relations, in alignment with wider testing programs (e.g. global operational resilience testing).
- Maintain and evolve program to review and test critical third-party exit and replacement strategies.
- Expand insights gained through the use of continuous monitoring of the firm’s critical and high risk third-party supply chains, to scale the firm’s efforts to detect, assess and manage emerging third-party risks.
- Mature the firm’s oversight and assessment of third party concentration risks.
Experience
- 10+ years of enterprise risk or third-party risk management related experience, preferably within investment management.
- Experience developing a third-party risk testing program, particularly focusing on operational resilience.
- Established, or ability to establish, strong business relationships with partner functions (e.g. Information Security and Enterprise Resilience) while exerting challenge to influence the evolution of the risk framework and/or business processes.
- Proven and effective written and verbal communication skills to all levels of the organization including external regulators and Boards.
- BS/BA required, preferably Business, Finance, Risk Management - CTTPR designation a plus.
Qualifications
- Working knowledge of third party regulatory requirements, e.g. Third-Party Relationships: Interagency Guidance on Risk Management, Digital Operational Resilience Act, EBA Outsourcing Guidelines, and/or Operational Resiliency local regulatory requirements.
Benefits
For New York, NY Only the salary range for this position is USD$194,000.00 - USD$270,000.00. Additionally, employees are eligible for an annual discretionary bonus, and benefits including healthcare, leave benefits, and retirement benefits. BlackRock operates a pay-for-performance compensation philosophy and your total compensation may vary based on role, location, and firm, department and individual performance.
Pay
For New York, NY Only the salary range for this position is USD$194,000.00 - USD$270,000.00.
Schedule
BlackRock operates a hybrid work model, with employees currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities.