Senior Analyst, Audit and Regulatory Governance, Cyber Security GRC
- Recruiter
- London Stock Exchange Group
- Location
- London, London, United Kingdom, United Kingdom
- Salary
- Competitive salary
- Posted
- 05 Oct 2022
- Closes
- 03 Nov 2022
- Ref
- R0055415
- Approved employers
- Approved employer
- Job role
- Audit
- Sector
- Digital
Key responsibilities
Support the first line cyber regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with best practice
Manage the Governance of cyber related Internal Audit and External audit actions undertaken.
Develop and maintain the central repository of Cybersecurity regulatory guidance aligned to NIST FSSCC and Cybersecurity Standards with workflow delivering timely evidence and responses to regulatory exams, questionnaires, and assessments.
Maintain a centralised repository of Cybersecurity audit & regulatory evidence and responses for re-use and with reporting.
Supporting the maintenance of a combined (COMCO) central repository of customer responses (RFI's) to NIST FSSCC with workflow delivering timely, consistent responses to RFIs.
Maintain a centralised repository of RFI responses for re-use and with reporting.
Support the work of wider GRC teams where required and in areas of interest.
Work with stakeholders to ensure conformance with Regulatory, Company and Industry standards.
Supporting the production of required Metrics at committees and forums, as well as representing the team where required.
Leadership responsibilities
N/A
Critical deliverables
Support the ongoing and periodic regulatory and compliance responses and engagements
Audit engagement management
Coordinating RFIs within the Function
Responding to customer RFIs using standardised formats and frameworks
Quality assurance on library of responses required for customer RFIs etc.
Impact
The development of the Audit and Regulatory Governance within Cyber Security will have a significant impact on the resources of other teams in cyber.
Key KPIs
To be determined
Technical / job functional knowledge
Awareness and working knowledge of control frameworks based on industry best practices such as NIST, COBIT, and ISO27001.
Awareness of key regulatory requirements for technology and cyber security in the main LSEG operating centres - UK, Europe, US & Asia
Cyber security qualification e.g. CISMP / Apprenticeship (desirable)
Demonstrable working knowledge and understanding of key cyber security controls such as Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
IT and cybersecurity policies and standards
Operational risk frameworks
Regulatory compliance
Operational Resilience
Data protection
Business and sector expertise
Financial Services
Technology & Cyber Security
Leadership and management experience
Not essential but experience will be recognised, greater focus on work experiences and ability to engage and drive initiatives.
Personal skills and capabilities
Critical thinking
Objective analysis of poorly defined problems
Proficient understanding of financial institutions and underlying business processes
Partnership and influence
Resource management
Negotiation and Partner management
Resolving Conflicts
At LSEG, we believe that creating a diverse and inclusive organisation is fundamental to the way we deliver on our promise of creating essential partnerships and open opportunities. Our open culture is central to how we deliver our purpose - driving financial stability, empowering economies and enabling customers to create sustainable growth - in everything we do.
Working with us means that you will be part of a dynamic organisation of 25,000 people across 70 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.
LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.
We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject.
If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.
Support the first line cyber regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with best practice
Manage the Governance of cyber related Internal Audit and External audit actions undertaken.
Develop and maintain the central repository of Cybersecurity regulatory guidance aligned to NIST FSSCC and Cybersecurity Standards with workflow delivering timely evidence and responses to regulatory exams, questionnaires, and assessments.
Maintain a centralised repository of Cybersecurity audit & regulatory evidence and responses for re-use and with reporting.
Supporting the maintenance of a combined (COMCO) central repository of customer responses (RFI's) to NIST FSSCC with workflow delivering timely, consistent responses to RFIs.
Maintain a centralised repository of RFI responses for re-use and with reporting.
Support the work of wider GRC teams where required and in areas of interest.
Work with stakeholders to ensure conformance with Regulatory, Company and Industry standards.
Supporting the production of required Metrics at committees and forums, as well as representing the team where required.
Leadership responsibilities
N/A
Critical deliverables
Support the ongoing and periodic regulatory and compliance responses and engagements
Audit engagement management
Coordinating RFIs within the Function
Responding to customer RFIs using standardised formats and frameworks
Quality assurance on library of responses required for customer RFIs etc.
Impact
The development of the Audit and Regulatory Governance within Cyber Security will have a significant impact on the resources of other teams in cyber.
Key KPIs
To be determined
Technical / job functional knowledge
Awareness and working knowledge of control frameworks based on industry best practices such as NIST, COBIT, and ISO27001.
Awareness of key regulatory requirements for technology and cyber security in the main LSEG operating centres - UK, Europe, US & Asia
Cyber security qualification e.g. CISMP / Apprenticeship (desirable)
Demonstrable working knowledge and understanding of key cyber security controls such as Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
IT and cybersecurity policies and standards
Operational risk frameworks
Regulatory compliance
Operational Resilience
Data protection
Business and sector expertise
Financial Services
Technology & Cyber Security
Leadership and management experience
Not essential but experience will be recognised, greater focus on work experiences and ability to engage and drive initiatives.
Personal skills and capabilities
Critical thinking
Objective analysis of poorly defined problems
Proficient understanding of financial institutions and underlying business processes
Partnership and influence
Resource management
Negotiation and Partner management
Resolving Conflicts
At LSEG, we believe that creating a diverse and inclusive organisation is fundamental to the way we deliver on our promise of creating essential partnerships and open opportunities. Our open culture is central to how we deliver our purpose - driving financial stability, empowering economies and enabling customers to create sustainable growth - in everything we do.
Working with us means that you will be part of a dynamic organisation of 25,000 people across 70 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.
LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.
We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject.
If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.
Similar jobs
-
New
-
New