City of London, London, United Kingdom Hybrid / WFH Options
CLS Group
Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal More ❯
Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal More ❯
London, England, United Kingdom Hybrid / WFH Options
CLS-Group
Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal More ❯
cloud computing platforms (e.g., Azure) in a regulated environment. Familiarity with data analytics platforms and financial data governance tooling. Strong working knowledge of financial compliance frameworks (e.g., GLBA, SOX, FFIEC CAT, NYDFS). Familiarity with privacy regulations (GDPR, CCPA) and best practices in data governance. Certifications such as CISSP, CISM, CISA, CRISC, or Certified Data Protection Officer (CDPO) are highly More ❯
BI, Tableau). Ability to manage multiple priorities and deadlines in a dynamic environment. Preferred Qualifications: Experience with insider threat detection and monitoring tools. Knowledge of regulatory requirements (e.g., FFIEC, SOX, GLBA) and their application to insider risk. Professional certifications such as CISA, CRISC, CISSP, or similar are highly desirable. At BNY, our culture speaks for itself. Heres a few More ❯
Risk, Operational Risk, Technology, Vice President, London Job Description RISK The Risk Division is a team of specialists charged with managing the firm’s credit, market, liquidity, operational and capital risk. Whether assessing the creditworthiness of the firm’s counterparties More ❯
corrective action is taken. Create new and maintain process and procedural documentation for various risk analysis and risk assessment activities; Highlight industry-based methodologies, techniques or standards (FAIR, NIST, FFIEC, etc.) used as the basis for analysis efforts Publish routine, accurate risk analysis and assessment reports as defined by organizational risk policies and procedures to applicable audiences for each subject More ❯
corrective action is taken. Create new and maintain process and procedural documentation for various risk analysis and risk assessment activities; Highlight industry-based methodologies, techniques or standards (FAIR, NIST, FFIEC, etc.) used as the basis for analysis efforts Publish routine, accurate risk analysis and assessment reports as defined by organizational risk policies and procedures to applicable audiences for each subject More ❯
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
State Street
cryptography (PQC) readiness by evaluating and preparing for emerging threats to encryption security. Ensure compliance with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN 303 645). What We Value These skills will help you succeed in this role Developing governance frameworks for encryption and cryptographic … Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN 303 645). Additional requirements Travel up to 10% may be required Are you the right candidate? Yes! We truly believe in More ❯
CCSP, AWS Security Fundamentals, AWS Certified Security). Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook. Excellent package on offer Hybrid, 2 days onsite/City of London Ideally from a Financial Services background/regulated markets. Apply For Job #J-18808-Ljbffr More ❯
NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Executing advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Program and project manage GRC delivery engagements • Participate in strategic risk management and regulatory compliances transition and transformation engagements. • Develop knowledge base, re-usable components for GRC advisory services. … Excellent technical capabilities around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO 27000, NIST More ❯
in IT Risk Management within the banking or financial services sector. -In-depth knowledge of ITSA, BIA, EIM, DR, and Cyber Security collaboration. -Strong understanding of regulatory requirements (e.g., FFIEC, ISO 27001, NIST, GDPR, etc.). -Familiarity with IT governance frameworks such as COBIT, ITIL, and risk frameworks like COSO or ISO 31000. -Experience conducting or supporting internal audits, control More ❯
risk analysis and assessment Create new and maintain process and procedural documentation for various risk analysis and risk assessment activities; Highlight industry-based methodologies, techniques or standards (FAIR, NIST, FFIEC, etc.) used as the basis for analysis efforts Publish routine, accurate risk analysis and assessment reports as defined by organizational risk policies and procedures to applicable audiences for each subject More ❯
risk analysis and assessment Create new and maintain process and procedural documentation for various risk analysis and risk assessment activities; Highlight industry-based methodologies, techniques or standards (FAIR, NIST, FFIEC, etc.) used as the basis for analysis efforts Publish routine, accurate risk analysis and assessment reports as defined by organizational risk policies and procedures to applicable audiences for each subject More ❯
risk analysis and assessment Create new and maintain process and procedural documentation for various risk analysis and risk assessment activities; Highlight industry-based methodologies, techniques or standards (FAIR, NIST, FFIEC, etc.) used as the basis for analysis efforts Publish routine, accurate risk analysis and assessment reports as defined by organizational risk policies and procedures to applicable audiences for each subject More ❯
risk analysis and assessment Create new and maintain process and procedural documentation for various risk analysis and risk assessment activities; Highlight industry-based methodologies, techniques or standards (FAIR, NIST, FFIEC, etc.) used as the basis for analysis efforts Publish routine, accurate risk analysis and assessment reports as defined by organizational risk policies and procedures to applicable audiences for each subject More ❯
risk analysis and assessment Create new and maintain process and procedural documentation for various risk analysis and risk assessment activities; Highlight industry-based methodologies, techniques or standards (FAIR, NIST, FFIEC, etc.) used as the basis for analysis efforts Publish routine, accurate risk analysis and assessment reports as defined by organizational risk policies and procedures to applicable audiences for each subject More ❯
operations of PAM platforms. Partner with infrastructure, cloud, and DevSecOps teams to integrate PAM into hybrid and cloud-native environments. Risk & Compliance: Ensure alignment with global regulatory requirements (e.g., FFIEC, EBA, MAS, APRA, etc.) and internal policies .Manage audit readiness, response, and remediation related to privileged access. People & Stakeholder Management: Lead and develop a high-performing, globally distributed PAM team. More ❯
team. Participate in IAM audit and review access control reports to identify potential risks. Business facing experience. Desirable Knowledge of Technical/Cyber Security risk frameworks (e.g. ISO27001, NIST, FFIEC) Experience of documenting IAM processes and procedures. Flexibility in working in a 24/7 shift model Risk Management processes. Incident management. Splunk experience. ServiceNow experience. Technical graduate. We are More ❯
London, England, United Kingdom Hybrid / WFH Options
MUFG Americas
Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 120,000 colleagues, striving to make a More ❯
and operational costs. Cybersecurity & Compliance • Establish and maintain a robust cybersecurity framework to protect member data and mitigate risk. • Ensure compliance with federal and state regulations, including NCUA, DFPI, FFIEC, and GLBA requirements. • Conduct regular security assessments, audits, and incident response planning. Digital Innovation & Member Experience • Provide thought leadership on the evaluation, selection, and implementation of digital solutions, including online More ❯
management, security governance, and analytical thinking Emerging knowledge of relevant regulatory frameworks and industry guidelines, such as NIST, ISO, CRI Profile, and regional or jurisdictional regulatory frameworks such as FFIEC, and GDPR Developing knowledge of controls industry Preferred qualifications, capabilities, and skills Ability to manage a varied workload as required by regulatory bodies. Good understanding of ITIL Technology processes (IT More ❯
management, security governance, and analytical thinking Emerging knowledge of relevant regulatory frameworks and industry guidelines, such as NIST, ISO, CRI Profile, and regional or jurisdictional regulatory frameworks such as FFIEC, and GDPR Developing knowledge of controls industry Preferred qualifications, capabilities, and skills Ability to manage a varied workload as required by regulatory bodies. Good understanding of ITIL Technology processes (IT More ❯
team. Participate in IAM audit and review access control reports to identify potential risks. Business-facing experience. Desirable Knowledge of Technical/Cyber Security risk frameworks (e.g. ISO27001, NIST, FFIEC). Experience of documenting IAM processes and procedures. Flexibility in working in a 24/7 shift model. Risk Management processes. Incident management. Splunk experience. ServiceNow experience. Technical graduate. We More ❯
