Senior Analyst, GRC 3rd Party Risk
The GRC Analyst is a position, responsible for ensuring the robust assessment and analysis of the information security risk environment of external suppliers
- Responsible for conducting timely security impact assessments of third-party suppliers recording results accurately and initiating appropriate assurance response
- Support for the production of high quality, informative and accurate reports in respect of third-party assurance assessments
- Provide advice and guidance to stakeholders on Information Security Minimum Requirements.
- Provide advice to Information Security related briefings and Threat Management Groups
- Participate in and contribute to Information Security forums and bodies. Assist in the improvement of risk management and Information Security controls within the Group
- Ensure all activity is compliant with NIST, GDPR and other Financial Services relevant legislation including CPMI IOSCO.
- Contribute to the collection and management of KRI's and MI's
- Ensure assurance portfolio of third-party suppliers remains full and current
- Support the Third-Party Senior Manager with all third-party vendor risk assessment activities and reporting tasks
- Understanding and working knowledge of cyber security control frameworks based on industry best practices such as NIST, COBIT, and ISO27001.
- Understanding of key regulatory requirements for technology and cyber security in the main LSEG operating centres
- Cyber security qualification e.g. CISSP / CISM (desirable)
- Degree or Masters qualification in Cyber, Information Security or IT management (desirable)
- IT and cybersecurity policies and standards
- Operational risk frameworks
- Third Party Risk Frameworks
- Regulatory compliance
- Technology resiliency
- Data protection
At LSEG, we believe that creating a diverse and inclusive organisation is fundamental to the way we deliver on our promise of creating essential partnerships and open opportunities. Our open culture is central to how we deliver our purpose - driving financial stability, empowering economies and enabling customers to create sustainable growth - in everything we do.
Working with us means that you will be part of a dynamic organisation of 25,000 people across 70 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.
LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.
We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject.
If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.