City of London, London, United Kingdom Hybrid / WFH Options
CLS Group
Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI-IOSCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges. Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal
London, England, United Kingdom Hybrid / WFH Options
CLS-Group
Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI-IOSCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges. Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal
cloud computing platforms (e.g., Azure) in a regulated environment. Familiarity with data analytics platforms and financial data governance tooling. Strong working knowledge of financial compliance frameworks (e.g., GLBA, SOX, FFIEC CAT, NYDFS). Familiarity with privacy regulations (GDPR, CCPA) and best practices in data governance. Certifications such as CISSP, CISM, CISA, CRISC, or Certified Data Protection Officer (CDPO) are highly
Risk, Operational Risk, Technology, Vice President, London Job Description RISK The Risk Division is a team of specialists charged with managing the firm’s credit, market, liquidity, operational and capital risk. Whether assessing the creditworthiness of the firm’s counterparties
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
State Street
cryptography (PQC) readiness by evaluating and preparing for emerging threats to encryption security. Ensure compliance with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN 303 645). What We Value These skills will help you succeed in this role Developing governance frameworks for encryption and cryptographic … Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN 303 645). Additional requirements Travel up to 10% may be required Are you the right candidate? Yes! We truly believe in
CCSP, AWS Security Fundamentals, AWS Certified Security). Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook. Excellent package on offer Hybrid, 2 days onsite/City of London Ideally from a Financial Services background/regulated markets.
NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Executing advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Program and project manage GRC delivery engagements • Participate in strategic risk management and regulatory compliances transition and transformation engagements. • Develop knowledge base, re-usable components for GRC advisory services. … Excellent technical capabilities around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO 27000, NIST
in IT Risk Management within the banking or financial services sector. -In-depth knowledge of ITSA, BIA, EIM, DR, and Cyber Security collaboration. -Strong understanding of regulatory requirements (e.g., FFIEC, ISO 27001, NIST, GDPR, etc.). -Familiarity with IT governance frameworks such as COBIT, ITIL, and risk frameworks like COSO or ISO 31000. -Experience conducting or supporting internal audits, control
operations of PAM platforms. Partner with infrastructure, cloud, and DevSecOps teams to integrate PAM into hybrid and cloud-native environments. Risk & Compliance: Ensure alignment with global regulatory requirements (e.g., FFIEC, EBA, MAS, APRA, etc.) and internal policies. Manage audit readiness, response, and remediation related to privileged access. People & Stakeholder Management: Lead and develop a high-performing, globally distributed PAM team.
team. Participate in IAM audit and review access control reports to identify potential risks. Business facing experience. Desirable Knowledge of Technical/Cyber Security risk frameworks (e.g. ISO27001, NIST, FFIEC) Experience of documenting IAM processes and procedures. Flexibility in working in a 24/7 shift model Risk Management processes. Incident management. Splunk experience. ServiceNow experience. Technical graduate. We are
London, England, United Kingdom Hybrid / WFH Options
MUFG Americas
Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 120,000 colleagues, striving to make a
management, security governance, and analytical thinking Emerging knowledge of relevant regulatory frameworks and industry guidelines, such as NIST, ISO, CRI Profile, and regional or jurisdictional regulatory frameworks such as FFIEC, and GDPR Developing knowledge of controls industry Preferred qualifications, capabilities, and skills Ability to manage a varied workload as required by regulatory bodies. Good understanding of ITIL Technology processes (IT
team. Participate in IAM audit and review access control reports to identify potential risks. Business-facing experience. Desirable Knowledge of Technical/Cyber Security risk frameworks (e.g. ISO27001, NIST, FFIEC). Experience of documenting IAM processes and procedures. Flexibility in working in a 24/7 shift model. Risk Management processes. Incident management. Splunk experience. ServiceNow experience. Technical graduate. We
London, England, United Kingdom Hybrid / WFH Options
myGwork - LGBTQ+ Business Community
platform Experience with Conducttr platform Familiarity with Salesforce Shield, Event Monitoring, and encryption features Understanding of business continuity and disaster recovery frameworks (e.g., ISO 22301, NIST SP 800-34, FFIEC) Working knowledge of data governance, compliance (e.g., GDPR, HIPAA), and audit readiness Soft Skills: Excellent documentation, communication, and problem-solving skills Please note you must currently be eligible to work
skills are required Strong analytical, organizational, and problem-solving skills are required Must be highly flexible and adaptable to change Experience in a highly regulated environment, specific experience with FFIEC, OSFI, PCI-DSS, SOX preferred Skills/Qualifications Proven work experience. Information Security Certification Working With Us As a Northern Trust partner, greater achievements await. You will be part of
to Cloud so any experience here is useful e.g. IAM in Azure Understanding of designing governance and controls. Knowledge of Technical/Cyber Security risk frameworks (e.g. ISO27001, NIST, FFIEC). Ideally have worked in an Agile or SAFe environment. This is a hybrid position based in London with 3 days per week in the office.
cases and business logic for continuous controls monitoring and partnering with product and engineering teams to develop and implement. Good working knowledge of technology-relevant financial services regulation (e.g., FFIEC handbooks, etc.) Good working knowledge of common & current information technology implementations (additional weight given for familiarity with Public and Private Cloud Implementation) Inquisitive nature and comfort challenging current practices; proven
City of London, London, United Kingdom Hybrid / WFH Options
Bonhill Partners
Cyber Business Analyst – Financial Services (Contract) Location: London (Hybrid – 3 days in office) Duration: 6 month (rolling) Rate: 475 P/D Inside IR35 We’re supporting a leading global financial institution looking for a Cyber Business Analyst to support
performing risk assessments/audits, managing readiness engagements, establishing global SOX compliance programs, managing audits and compliance against regulatory/standards/leading practices (i.e. SOX, GLBA, Clause 49, FFIEC, etc.) and establishing control environments Work closely with CSO & Security director to define Security Strategy and build and nurture positive working relationships with clients Consulted and provided solutions in the