You are viewing a preview of this job. Log in or register to view more details about this job.

Supply Chain Security Program Analyst

BlackRock
Email

Apply using this link

 

About Our Team

The Information Security team member will support the Supply Chain Security team and assist with the assessment, governance, and documentation of technical security risks across third-party technologies used within the firm. The candidate will contribute to security assessments of new and existing third-party tools and platforms and support Information Security engagement with business and technology teams. This role is suited for a recent graduate who is detail-oriented, proactive, and familiar with core information security and technology risk concepts.

Responsibilities Include:

• Support pre- and post-implementation security assessments of new technology products being introduced into the firm’s technology environment, including SaaS and PaaS products
• Assist with governance and oversight activities for existing and new SaaS and PaaS products
• Support assessments of Internet of Things (IoT) deployments, including connected devices and supporting platforms
• Assist with security assessments of tokenization platforms and distributed ledger technologies
• Support reviews of AI-enabled and agentic tools, including evaluation of data access, integrations, and control considerations
• Assist in identifying baseline security controls and integration requirements for technologies under review
• Contribute to the documentation of security requirements and assessment findings in formal security reports
• Support communication of risk assessment findings to Information Security stakeholders and business partners
• Assist with tracking of remediation activities and follow-ups for identified risks
• Support security assessments of third-party software packages deployed on end-user machines
• Assist in identifying opportunities to improve security posture and documenting mitigation approaches
• Support the documentation and maintenance of Information Security policies, standards, and assessment templates
• Maintain effective working relationships with Information Security, technology, and risk partners across the organization
• Strong attention to detail and a structured, process-oriented approach to work
• Ability to follow established assessment procedures and governance processes
• Clear written and verbal communication skills
• Ability to understand and document technical and security concepts
• Ability to assess risks with guidance and escalate issues appropriately
• Strong organizational and prioritization skills
• Ability to manage multiple tasks simultaneously and meet deadlines
• Willingness to learn new technologies and security domains
• Ability to work effectively in a global, team-based environment

Preferred Experience:

• Pursuing a Bachelor’s degree in Business, Computer Science, Computer Engineering, Information 
Security, Information Systems, or a related field preferred
• Foundational knowledge of information security concepts and technology risk
• Familiarity with cloud technologies, including SaaS and PaaS
• Basic understanding of internet and web security concepts
• Exposure to data analysis tools such as Excel; basic Python or SQL knowledge is a plus
• Awareness of information security frameworks such as ISO 27001, NIST, or similar
• Academic, internship, or project-based exposure to cybersecurity, technology risk, or emerging 
technologies preferred