Job
Description
The role is to support the development and maintenance of robust control frameworks and a unified Technology & Cyber Security Control library. You will help implement process control monitoring capabilities to coordinate control execution across Engineering and contribute to driving a positive risk culture within Engineering by implementing processes for control efficiency demonstration. This role requires organized, methodical thinking with strong attention to detail for creating control test plans and documentation. Your responsibilities will include: - Maintaining and regularly updating the centralized Technology & Cyber Security control library, ensuring controls align with industry frameworks (NIST, ISO, COBIT) and regulatory requirements (e.g. DORA). You will help translate complex framework/regulatory requirements into clear, actionable controls. - Conducting Tests of Design Assurance and Operating Effectiveness Assurance for key controls at both group and divisional levels, providing critical support for Group Engineering, Risk & Control Assessments. Documenting test results and identifying areas for improvement. - Establishing and overseeing processes to ensure control evidence is properly documented, stored, and accessible at required frequencies. Creating standardized templates for evidence collection to improve consistency. Reviewing monitoring results for completeness and accuracy, driving corrective actions as needed. - Planning and coordinating periodic independent assurance activities with internal audit teams and external assessors, preparing documentation and facilitating access to evidence. - Implementing, tracking, and analyzing Key Control Indicators (KCIs) aligned to the control library, helping to identify trends and potential weaknesses before they impact operations. - Maintaining detailed control performance dashboards and metrics that clearly communicate control status to various partners, from technical teams to executive leadership. Performing sample-based testing of control operating efficiency. - Identifying thematic control weaknesses and collaborating with control/process owners to develop and implement effective remediation strategies with clear timelines and accountability. Representing Engineering in risk discussions with internal team members. - Leading a team of GRC analysts, providing mentorship, technical guidance, and career development opportunities while ensuring high-quality results. Qualifications: - Relevant degree in IT, Cybersecurity, or Risk Management (Desirable). - 5+ years of experience in technology controls or compliance. - Strong knowledge of control frameworks (NIST, ISO, COBIT). - Demonstrable knowledge of key controls across Technology process areas (e.g. incident, change, capacity management). - Experience in control implementation across Technology process areas. - Experience in control testing and evidence validation. - Proven team management and project delivery skills. - Excellent analytical, communication abilities, and presentation skills. - Experience with GRC tools and control automation. About Us: LSEG (London Stock Exchange Group) is a diversified global financial markets infrastructure and data business dedicated to excellence in delivering services to customers. With extensive experience and deep knowledge across financial markets, we enable businesses and economies worldwide to fund innovation, handle risk, and build jobs. LSEG values integrity, partnership, excellence, and change, guiding our decision-making and actions every day. We are committed to sustainability and driving sustainable economic growth.,
