VP, Information Security

About this role About BlackRock: BlackRock’s purpose is to help more and more people experience financial well-being and the firm has a long history of investing in and serving investors in China. BlackRock aspires to become the leading global asset management firm operating in China and is committed to contributing to the long-term development of the local asset management industry. Responsibilities In partnership with the China Technology Leadership and regional BlackRock Information Security group, the individual will: Be responsible for providing information security leadership in the BEM, driving security activities and projects, as well as developing and optimizing the FMC’s capabilities across core disciplines of Information security Information Security Governance and Reporting Cyber Security Operations Management, in partnership with other BlackRock Entities in China Security Risk Assessments and Vulnerability Management Application Security Maintain and evolve security policies and standards for the BlackRock China, in conjunction with evolving regulatory and operational security requirements Provide security advisory to Business and IT partners in the development of security controls and solutions to manage cyber risks for the firm Identity and Access Management, including privilege access management Compliance to regulatory security requirements Take on the pivotal role in overseeing and governing the AIM program spanning the realms of identity & access governance, entitlements recertification's and associated identity & access lifecycle management procedures. The individual will also be required to guide the AIM Program Lead and provide support in administering the access rights to China employees for required access to core systems where the need arises. Other responsibilities of the individual include: Cyber Specialists Management: Responsible for leading the team of cyber specialists in the BEM to ensure that all operational security requirements of the BlackRock China are met, in conformance to the BlackRock China’s security policies and compliance obligations. Security Incident Management: Responsible for the management of all information security related events in the firm, partnering with senior stakeholders to ensure timely reporting, escalations and closeout Metrics and Reporting: Deliver Information Security dashboard and metrics, covering AIM and other program areas to the China Tech leadership team on a periodic basis, to report on the state of the security program. Employee Awareness Training: The successful candidate will also lead the information security awareness program to ensure staff are trained on policy and compliance requirements Requirements: At least 10 years of full-time work experience in information security management and/or related functions (Technology Risk Management, Technology Infrastructure Management) with information security management qualifications such as CISSP, SANs, CRISC, CISM etc. Knowledge of enterprise technology platforms, from the desktop through to back end infrastructure would be considered an advantage Exceptional interpersonal skills with ability to communicate with senior leaders and technology teams alike. Ability to work independently and adapt to changing business priorities Detail oriented individual, with a keen eye towards details Experience and good knowledge of Identity Governance and Identity Lifecycle management Proficiencies in one or more of the following technical IT security domains or equivalent: Network Security, Cloud Governance, Cyber Operations, Forensics, Access and Identity Management Governance etc. Knowledge of domestic China cyber and technological regulations, or experience in dealing with regulators and clients in relation to cybersecurity focused topics during regulatory examinations or client due diligence sessions will be a plus Strong proficiencies in both English and Mandarin (Verbal/Written) Hands-on ... (truncated, view full listing at source)