Senior Analyst, Technology and Cyber Security GRC (City Of London)

Senior Analyst, Technology and Cyber Security GRC

LSEG City Of London, England, United Kingdom

• Support the first line Technology & Cyber Issue, Audit and Regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with standard methodology.
• Support the governance of technology & cyber related Self-Identified Issues as well as Internal Audit and External audit actions undertaken
• Perform quality reviews of all Technology and Cyber Security related Audit Observations and Self-Identified Issues to ensure accuracy and appropriate severity and ownership assignment.
• Oversee the implementation of action plans to remediate both Self-Identified Issues and Audit Issues.
• Perform issue closure validation for both Self-Identified Issues and Audit Issues.
• Support the maintenance of a centralised repository of Engineering audit & regulatory evidence and responses for re-use and with reporting.
• Maintain a centralised repository of Customer RFI responses for re-use and with reporting.
• Support the work of wider GRC teams where required and in areas of interest and expertise.
• Work with partners to ensure conformance with Regulatory, Company and Industry standards.
• Supporting the production of required Metrics at committees and forums, as well as representing the team where required.

Key Responsibilities

• Support the first line Technology & Cyber Issue, Audit and Regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with standard methodology.
• Support the governance of technology & cyber related Self-Identified Issues as well as Internal Audit and External audit actions undertaken
• Perform quality reviews of all Technology and Cyber Security related Audit Observations and Self-Identified Issues to ensure accuracy and appropriate severity and ownership assignment.
• Oversee the implementation of action plans to remediate both Self-Identified Issues and Audit Issues.
• Perform issue closure validation for both Self-Identified Issues and Audit Issues.
• Support the maintenance of a centralised repository of Engineering audit & regulatory evidence and responses for re-use and with reporting.
• Maintain a centralised repository of Customer RFI responses for re-use and with reporting.
• Support the work of wider GRC teams where required and in areas of interest and expertise.
• Work with partners to ensure conformance with Regulatory, Company and Industry standards.
• Supporting the production of required Metrics at committees and forums, as well as representing the team where required.

Critical Work

• Support the ongoing and periodic regulatory and compliance responses and engagements
• Audit management and coordination
• Issue remediation oversight and closure validation
• Responding to customer RFIs using standardised formats and frameworks
• Quality assurance on library of responses required for customer RFIs etc.

Impact

• The development of the Audit and Regulatory Governance within Technology and Cyber Security divisions will have a significant impact on the resources of other teams in cyber. The GRC team especially need to assure the remediation activity conducted in response to findings.

Technical / job functional knowledge

• Awareness and working knowledge of control frameworks based on industry standard methodologies such as NIST, COBIT, and ISO27001.
• Awareness of key regulatory requirements for technology and cyber security in the main LSEG operating centres – UK, Europe, US & Asia
• Cyber security qualification e.g. CISMP / Apprenticeship (desirable)
• Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
• IT and cybersecurity policies and standards
• Operational risk frameworks
• Regulatory compliance
• Operational Resilience
• Good understanding of data protection controls
• Financial Services sector experience
• Technology & Cyber Security

Leadership And Management Experience

• Not essential but experience will be recognised, greater focus on work experiences and ability to engage and drive initiatives.

Personal Skills And Capabilities

• Critical thinking
• Objective analysis of poorly defined problems
• Ability to provide robust challenge
• Proficient understanding of financial institutions and underlying business processes
• Partnership and influence
• Resource management
• Negotiation and Partner management
• Resolving Conflicts
• Working with senior stakeholders

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership , Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject.

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.

Seniority level

Employment type

Job function

Cyber Security Analyst, Incident Response

Security Analyst, Security Operations and Incident Response

Cyber Security Specialist (Security control testing)