Key responsibilities
* Support the first line Technology & Cyber Issue, Audit and Regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with standard methodology.
* Support the governance of technology & cyber related Self-Identified Issues as well as Internal Audit and External audit actions undertaken.
* Perform quality reviews of all Technology and Cyber Security related Audit Observations and Self-Identified Issues to ensure accuracy and appropriate severity and ownership assignment.
* Oversee the implementation of action plans to remediate both Self-Identified Issues and Audit Issues.
* Perform issue closure validation for both Self-Identified Issues and Audit Issues.
* Support the maintenance of a centralised repository of Engineering audit & regulatory evidence and responses for re-use and with reporting.
* Maintain a centralised repository of Customer RFI responses for re-use and with reporting.
* Support the work of wider GRC teams where required and in areas of interest and expertise.
* Work with partners to ensure conformance with Regulatory, Company and Industry standards.
* Support the production of required Metrics at committees and forums, as well as representing the team where required.
Critical Work
* Support the ongoing and periodic regulatory and compliance responses and engagements.
* Audit management and coordination.
* Issue remediation oversight and closure validation.
* Responding to customer RFIs using standardised formats and frameworks.
* Quality assurance on library of responses required for customer RFIs etc.
Impact
* The development of the Audit and Regulatory Governance within Technology and Cyber Security divisions will have a significant impact on the resources of other teams in cyber. The GRC team especially need to assure the remediation activity conducted in response to findings.
Technical / job functional knowledge
* Awareness and working knowledge of control frameworks based on industry standard methodologies such as NIST, COBIT, and ISO27001.
* Awareness of key regulatory requirements for technology and cyber security in the main LSEG operating centres - UK, Europe, US & Asia.
* Cyber security qualification e.g. CISMP / Apprenticeship (desirable).
* Demonstrable working knowledge and understanding of key technology and cyber security controls such as Incident Management, Backup & Recovery, Capacity Management, Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
* IT and cybersecurity policies and standards.
* Operational risk frameworks.
* Regulatory compliance.
* Operational Resilience.
* Good understanding of data protection controls.
* Financial Services sector experience.
* Technology & Cyber Security.
Leadership and management experience
* Not essential but experience will be recognised; greater focus on work experiences and ability to engage and drive initiatives.
Personal skills and capabilities
* Critical thinking.
* Objective analysis of poorly defined problems.
* Ability to provide robust challenge.
* Proficient understanding of financial institutions and underlying business processes.
* Partnership and influence.
* Resource management.
* Negotiation and Partner management.
* Resolving Conflicts.
* Working with senior stakeholders.
#J-18808-Ljbffr