Description About this role About this role
At BlackRock, we are looking for Security Professionals who like to innovate and tackle complex problems! We recognize that strength comes from diversity, and we will embrace your unique skills, curiosity, drive, and passion while giving you the opportunity to grow technically and as an individual. Your Team
BlackRock's Application Security team acts as a trusted assessor and risk advisor for the application development teams. The team comprises of security engineers with expertise in software security and penetration testing. We are the go-to team to get an attacker's perspective on any technology and constantly interacts with the numerous Engineering and Software Development teams. Your colleagues will be individuals who are passionate about technology and seek to be at the cutting edge of new cyber attacks, vulnerabilities and security technologies. We are a part of the Information Security pilar within the Global Technology organization. Your Role and Impact
This role analyzes the security of applications in tandem with their underlying services, including connected dependencies such as middle-tier systems and databases, addresses legacy and emerging security issues, and implements repeatable secure development practices to reduce the introduction of program design flaws that may lead to exploitation. As issues are uncovered they are communicated with the appropriate technical and leadership teams to ensure a focus on risk mitigation - allowing for business continuity, but without negligent risk.
This role requires threat and vulnerability assessment capabilities, experience with securing systems and applications across a wide variety of cloud infrastructures, creative problem solving, and a passion for learning.
Being a member of our team means that you are:
- Passionate about improving security
- Curious and enjoy learning new things
- Love working on a team, share knowledge and have superb communication skills
- Interested to learn about both the business and technology sides of a fin-tech organization
- Assess security of software projects and improving cloud-based security programs
- Perform vulnerability and penetration testing. Document security findings with reasonable methods to secure.
- Perform threat assessments to identify possible risks and providing security recommendations and advice.
- Coordinate remediation efforts after security assessment findings outline weaknesses requiring attention.
- 7+ years of experience in software security as a practitioner with exposure to vulnerability and penetration testing, threat modeling of applications, and code reviews
- Vulnerability, penetration-testing, and threat modeling skills
- Experience with security of intra-company and third-party APIs
- Experience with dynamic and static analysis tools
- Familiarity with tools such as Git, CI/CD pipelines, Docker, Kubernetes, and experience with scripting languages such as Python
- Familiarity with cloud and container security solutions such as Dome 9 and Aqua Security, or similar
- Network, Web protocols, and encryption experience, including SSL/TLS and public key infrastructure (PKI)
- Strong teamwork, communication skills and attention management abilities
- Bachelor's, Master's degree or equivalent in computer science, programming, information security or engineering preferred
- Financial knowledge and interest are recommended
To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about. Our hybrid work pilot
BlackRock's current hybrid work pilot is designed to help you experience the best of both worlds: the opportunity to connect with colleagues in person and the flexibility to work remotely, with greater time to focus on what's important to you. In line with local health guidance and regulations, employees are generally expected to work 3 days in the office and 2 days from home (on average) each week. For some business groups, more time may be required in the office, while greater flexibility may be in place for others. Our "One BlackRock" culture means you'll be supported to collaborate with your new colleagues while bringing your full self to work - wherever you are.
The health, safety and well-being of our people will always be our top priorities; we will continue to monitor local conditions and health advisories in making decisions about our work environments. About BlackRock
At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children's educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress.
This mission would not be possible without our smartest investment - the one we make in our employees. It's why we're dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive.
For additional information on BlackRock, please visit careers.blackrock.com | www.blackrock.com/corporate | Instagram: @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock
BlackRock is proud to be an Equal Opportunity Employer. We evaluate qualified applicants without regard to age, disability, family status, gender identity, race, religion, sex, sexual orientation and other protected attributes at law.