Vendor Risk Management Lead

BlackRock is one of the world's preeminent asset management firms and a leading provider of investment management, risk management, and advisory services to diverse investors globally. BlackRock offers our clients a range of solutions, from rigorous fundamental and quantitative active management strategies to highly efficient index strategies for broad exposure to the world's capital markets. Our clients access our investment solutions through a variety of products, including individual and institutional separate accounts, mutual funds, other pooled investment vehicles, and the industry-leading iShares® ETFs.

Understanding and managing risk is the cornerstone of BlackRock's approach to responsible investing. Our Risk and Quantitative Analysis (RQA) group promotes BlackRock as a leader in risk management by providing independent top-down and bottom-up oversight to help identify investment, counterparty, operational, regulatory, technology, and third-party risks. Within RQA, the goal of Vendor Risk Management (VRM) is to work with internal and external business partners to identify the inherent risks of engaging vendors and other third parties and to review their controls and ongoing performance to assess the residual risks for our company.


  • Collaborate with multiple internal business and sourcing teams, including enterprise services, fund administration, human resources, marketing, professional services, and technology to identify, address, and communicate inherent and residual vendor risks.
  • Develop strong relationships with key department heads (including regional managers) to ensure vendor risk is understood and managed appropriately.
  • Generate vendor due diligence questionnaires for high-risk services.
  • Review vendor responses and other due diligence documentation; engage and coordinate input from risk Subject Matter Experts (SMEs), such as compliance, corporate risk, data privacy, information security, and legal.
  • Document and communicate due diligence results, residual risks, and ongoing vendor management tasks to business managers.
  • Address vendor operating events to ensure appropriate remediation plans are prepared by working closely with the business and risk SMEs.
  • Oversee and document contract and risk remediation activities for third-party relationships.
  • Monitor and review vendor performance reports prepared by business users.
  • Conduct annual vendor risk segmentation and establish inherent risk ratings for new vendors.
  • Provide input and periodically test updates to the firm's risk systems.
  • Ensure RQA risk processes are followed and appropriately documented.
  • Represent VRM on various internal risk and control committees plus other working groups.


  • 5+ years of vendor or other third-party-related risk management experience, preferably within the financial services industry.
  • Solid understanding of the banking industry's regulatory requirements for managing third parties (e.g., OCC, FFIEC, FCA, FRB, MAS).
  • Familiarity with service organization reports (SSAE 18 / ISAE 3402) and other industry certifications (e.g., ISO, PCI-DSS, SysTrust).
  • Experience reviewing and recommending control-related contractual terms and conditions.
  • Strong analytical skills.
  • Ability to communicate effectively with business partners.
  • Ability to develop and maintain effective working relationships at all levels throughout the firm.
  • Strong writing skills.
  • Ability to multitask and complete difficult assignments with tight deadlines.
  • BS/BA required, preferably Business, Finance, Risk Management, or Technology.

BlackRock is proud to be an Equal Opportunity and Affirmative Action Employer. We evaluate qualified applicants without regard to race, color, national origin, religion, sex, disability, veteran status, and other statuses protected by law.
