London Stock Exchange Group

Principal Specialist, Audit and Regulatory Governance, Cyber Security GRC

London, United Kingdom
Competitive salary
28 Nov 2022
22 Dec 2022
Approved employers
Job role
Key responsibilities
Support the first line cyber regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with best practice
Manage the governance of cyber-related internal audit and external audit actions undertaken.
Support the development and maintenance of a central repository of Cybersecurity regulatory guidance aligned to NIST FSSCC and Cybersecurity Standards, with workflow delivering timely evidence and responses to regulatory exams, questionnaires, and assessments.
Manage a centralised repository of Cybersecurity audit & regulatory evidence and responses for re-use and with reporting.
Responsible for maintaining a combined (COMCO) central repository of customer responses (RFIs) to NIST FSSCC, with workflow delivering timely, consistent responses to RFIs.
Maintain a centralised repository of RFI responses for re-use and with reporting.
Engage partners in governance forums for awareness and resolve critical issues.
Work closely with Compliance and second line of defence teams to ensure all regulatory and customer responses are addressed in a timely manner.
Work with stakeholders to ensure conformance with Regulatory, Company and Industry standards.
Report regular updates to relevant committees and management teams, including producing the required metrics.
Engage and lead on requirements from the Operational Resilience Programme: represent the Cyber function in relevant meetings, identify requirements and ensure our function remains compliant with them.
Work with Cyber teams to build out an approach for the function to embrace the new regulatory approach as set out by UK and other regulators, with a focus on resilience.

Leadership responsibilities
The new team is in a state of growth; leadership will be required throughout the team to establish itself as a trusted risk partner.
Critical deliverables
Ongoing and periodic regulatory and compliance responses and engagements
Audit engagement management
Audit and Assurance status reporting to Risk and Audit committees
Responding to customer RFIs using standardised formats and frameworks
Quality assurance on library of responses required for customer RFIs etc.
This will be a high-profile role acting as an interface of the cyber security team for all matters involving adherence to regulatory requirements, compliance and customer requests for information.
Key KPIs
To be determined
Technical / job functional knowledge
Understanding and working knowledge of control frameworks based on industry best practices such as NIST, COBIT, and ISO27001.
Understanding of key regulatory requirements for technology and cyber security in the main LSEG operating centres - UK, Europe, US & Asia
Cyber security qualification e.g. CISSP / CISM (desirable)
Information Security auditing qualification e.g. CISA (desirable)
Demonstrable working knowledge and understanding of key cyber security controls such as Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
IT and cybersecurity policies and standards
Operational risk frameworks
Regulatory compliance
Technology resiliency
Data protection
Business and sector expertise
Financial Services
Technology & Cyber Security
Leadership and management experience
Not essential, but experience will be recognised; greater focus is placed on work experiences and the ability to engage and drive initiatives.
Personal skills and capabilities
Critical thinking
Objective analysis of poorly defined problems
Proficient understanding of financial institutions and underlying business processes
Regulatory and Audit engagement
Partnership and influence
Resource management
Negotiation and Partner management
Technological, organizational and/or operational change management
Resolving Conflicts

At LSEG, we believe that creating a diverse and inclusive organisation is fundamental to the way we deliver on our promise of creating essential partnerships and open opportunities. Our open culture is central to how we deliver our purpose - driving financial stability, empowering economies and enabling customers to create sustainable growth - in everything we do.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 70 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject.

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.
