Enable job alerts via email!
Senior Analyst, Technology and Cyber Security GRC
London Stock Exchange Group
London
On-site
GBP 200,000 +
Full time
30+ days ago
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Create a job specific, tailored resume for higher success rate.
Job summary
An established industry player is seeking a skilled professional to enhance their Technology and Cyber Security governance. This role involves supporting compliance functions, conducting quality reviews, and managing audit actions to ensure adherence to industry standards. You will work closely with various teams to validate issue closures and maintain essential repositories of regulatory evidence. The ideal candidate will possess a strong understanding of control frameworks and cyber security practices, along with critical thinking and negotiation skills. Join a dynamic environment where your contributions will significantly impact the organization's cyber resilience and compliance efforts.
Qualifications
- Awareness of control frameworks and regulatory requirements in technology and cyber security.
- Demonstrable knowledge of cyber security controls like Incident Management and Data Protection.
Responsibilities
- Support the governance of technology & cyber related audit and compliance matters.
- Perform quality reviews and oversee action plans for audit issues.
Skills
Critical thinking
Objective analysis
Negotiation
Resource management
Partnership and influence
Education
Cyber security qualification (CISMP)
Apprenticeship in Cyber Security
Tools
NIST
COBIT
ISO27001
Job description
Key responsibilities
Critical Work
Impact
Technical / job functional knowledge
Leadership and management experience
Personal skills and capabilities
- Support the first line Technology & Cyber Issue, Audit and Regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with standard methodology.
- Support the governance of technology & cyber related Self-Identified Issues as well as Internal Audit and External audit actions undertaken.
- Perform quality reviews of all Technology and Cyber Security related Audit Observations and Self-Identified Issues to ensure accuracy and appropriate severity and ownership assignment.
- Oversee the implementation of action plans to remediate both Self-Identified Issues and Audit Issues.
- Perform issue closure validation for both Self-Identified Issues and Audit Issues.
- Support the maintenance of a centralised repository of Engineering audit & regulatory evidence and responses for re-use and with reporting.
- Maintain a centralised repository of Customer RFI responses for re-use and with reporting.
- Support the work of wider GRC teams where required and in areas of interest and expertise.
- Work with partners to ensure conformance with Regulatory, Company and Industry standards.
- Support the production of required Metrics at committees and forums, as well as representing the team where required.
Critical Work
- Support the ongoing and periodic regulatory and compliance responses and engagements.
- Audit management and coordination.
- Issue remediation oversight and closure validation.
- Responding to customer RFIs using standardised formats and frameworks.
- Quality assurance on library of responses required for customer RFIs etc.
Impact
- The development of the Audit and Regulatory Governance within Technology and Cyber Security divisions will have a significant impact on the resources of other teams in cyber. The GRC team especially need to assure the remediation activity conducted in response to findings.
Technical / job functional knowledge
- Awareness and working knowledge of control frameworks based on industry standard methodologies such as NIST, COBIT, and ISO27001.
- Awareness of key regulatory requirements for technology and cyber security in the main LSEG operating centres - UK, Europe, US & Asia.
- Cyber security qualification e.g. CISMP / Apprenticeship (desirable).
- Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
- IT and cybersecurity policies and standards.
- Operational risk frameworks.
- Regulatory compliance.
- Operational Resilience.
- Good understanding of data protection controls.
- Financial Services sector experience.
- Technology & Cyber Security.
Leadership and management experience
- Not essential but experience will be recognised; greater focus on work experiences and ability to engage and drive initiatives.
Personal skills and capabilities
- Critical thinking.
- Objective analysis of poorly defined problems.
- Ability to provide robust challenge.
- Proficient understanding of financial institutions and underlying business processes.
- Partnership and influence.
- Resource management.
- Negotiation and Partner management.
- Resolving Conflicts.
- Working with senior stakeholders.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Land a better
job faster
job faster
