Vice President, Technology Risk & Controls
Job in
Wilmington, New Castle County, Delaware, 19893, USA
Listed on 2026-07-16
Listing for:
BlackRock
Full Time
position Listed on 2026-07-16
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Data Security, IT Project Manager
Job Description & How to Apply Below
* ** Business Overview*
* At Black Rock, the Enterprise Technology Risk & Controls team operates within the first line of defense and is responsible for advancing technology risk management, control effectiveness, and enterprise resilience across the firm. The team partners with Engineering, Information Security, Risk & Quantitative Analysis, Internal Audit, and senior technology leaders to establish and mature technology risk management practices that enable informed decision-making and measurable risk reduction.
The Technology Controls & Risk Management team is focused on strengthening the firm's technology control environment through improved control design, policies and standards, outcome-based metrics, enterprise risk indicators, and risk reduction initiatives aligned to the firm's most significant technology risks.
** Role Description*
* We are seeking a forward-thinking Technology Risk VP to help shape the future of technology risk management, control effectiveness, and resilience part of the Enterprise Technology Risk & Controls team, this individual will influence how technology risk is governed, measured, monitored, and reduced across one of the world's largest and most complex technology environments.
The role will partner closely with Engineering, Information Security, Operational Risk, Internal Audit, and senior technology leaders to develop modern risk frameworks, establish forward-looking risk indicators, strengthen control effectiveness, and drive strategic risk reduction initiatives.
The successful candidate will enable continuous visibility, data-driven decision-making, and measurable risk reduction. This role is ideal for someone who can operate at both strategic and execution levels-building new capabilities, simplifying complex problems, and driving meaningful change across large organizations.
** Key Responsibilities*
* ** Technology Risk & Control Frameworks*
* + Help develop and mature technology risk and control frameworks aligned to enterprise technology risk priorities.
+ Define control objectives that clearly articulate intended risk outcomes and expected control performance.
+ Establish traceability across risks, controls, standards, metrics, issues, and remediation activities.
+ Support consistent adoption of risk and control practices across technology organizations.
** Controls, Policies & Standards*
* + Drive initiatives to mature technology risk policies, standards, and implementation requirements.
+ Partner with stakeholders to improve clarity, consistency, and usability of control requirements.
+ Ensure alignment between policy intent, technology controls, and operational execution.
+ Facilitate cross-functional working groups and stakeholder engagement activities to support adoption and accountability.
** Metrics, Enterprise Risk Indicators & Continuous Monitoring*
* + Design outcome-based control effectiveness measures that provide insight into whether controls are reducing risk as intended.
+ Help develop Key Risk Indicators, Key Performance Indicators, and forward-looking risk signals that provide visibility into technology risk exposure and resilience.
+ Translate technical and operational data into executive-level insights that support technology risk governance, prioritization, and decision-making.
+ Improve transparency of control effectiveness, remediation progress, and measurable risk reduction outcomes.
** Technology Risk Reduction & Resilience*
* + Identify systemic technology risk themes and partner with technology leaders to drive measurable reduction in risk exposure.
+ Support enterprise initiatives focused on technology resilience, software development practices, asset lifecycle management, control modernization, and emerging technology risk domains.
+ Translate risk findings, control weaknesses, and operational trends into action plans with clear ownership, milestones, and measurable outcomes.
+ Track remediation progress and evaluate whether completed actions materially reduce risk.
+ Help leadership prioritize risk reduction efforts based on severity, business impact, control effectiveness, and resilience outcomes.
** Desired Skills & Experience*
* + Strong experience in technology risk management, technology controls, cybersecurity, operational risk, engineering risk management, or related disciplines.
+ Strong understanding of technology control frameworks and industry standards such as NIST, COBIT, ITIL, ISO 27001, CSA CCM, or equivalent.
+ Experience developing policies, standards, control objectives, metrics, risk indicators, or technology risk frameworks.
+ Experience designing control effectiveness measures, or performance measurement capabilities.
+ Strong program management, stakeholder management, and change leadership capabilities.
+ Excellent written and verbal communication skills, with the ability to translate complex technology risks into clear executive-level narratives.
+ Proven ability to influence Engineering, Information Security, Risk, Audit,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×