BlackRock, Inc. is one of the world's largest asset managers, overseeing $11+ trillion in assets across 38 global locations. With a workforce of 21,000+ people speaking 100+ languages, the company operates at a scale where the attack surface is massive and the threat model is real: financial data, proprietary trading systems, and client assets are all in play.
At the center of the tech stack is Aladdin, the proprietary platform that handles investment analytics, risk modeling, and portfolio management for BlackRock and its clients. Protecting Aladdin means defending against threats to financial infrastructure at institutional scale - think credential compromise targeting high-value accounts, supply chain risks in a deeply integrated vendor ecosystem, and the constant pressure of nation-state actors eyeing financial sector targets.
The security team works across domains including Financial Technology, Data Analytics, and Risk Management, which in practice means securing cloud and on-prem infrastructure, hardening data pipelines, and building controls around systems that process market-sensitive information. BlackRock's global footprint - spanning dozens of countries and regulatory regimes - adds complexity to identity management, data sovereignty, and incident response at scale.
This is not a startup security org. The stakes are measured in trillions, the compliance requirements span SEC, GDPR, and financial regulators worldwide, and the technology footprint touches everything from real-time trading systems to client-facing portals. The work is concrete, the scope is enormous, and the adversary set is well-funded and persistent.