Information Security Officer Cyber Risk Governance
Support the oversight of Information Security and Cyber Security controls that enable LCH to operate securely and resiliently. Review and assess the design and operational effectiveness of security controls, identifying gaps, weaknesses, and improvement opportunities.
Support the tracking, reporting, and follow up of InfoSec and Cyber risk remediation actions. Monitor cyber related roadmaps, programmes, and initiatives impacting LCH, identifying risks, dependencies, and areas requiring escalation. Use this knowledge to engage credibly with technical specialists and translate technical issues into clear, risk based insights for stakeholders.- Apply strong cyber and technology domain knowledge to understand, assess, and articulate security risks and control effectiveness across: Identity & Access Management (IAM) and Privileged Access Management (PAM) Infrastructure and platform technologies, including virtualised environments Vulnerability management tooling, prioritisation, and remediation approaches Cloud and SaaS security concepts, including shared responsibility models Secure Development Lifecycle (SDLC) principles and application security fundamentals Contribute to risk, security, and governance forums by providing accurate, evidence based updates on cyber risk posture, remediation progress, and control effectiveness.
Work with colleagues across the first, second, and third lines of defence to support a consistent and well understood cyber risk posture for LCH. Support the development and maintenance of the LCH Cyber Risk Profile. Assist with Risk & Control Assessments (RCA) covering InfoSec and Cyber risks.Maintain key risk and performance indicators, ensuring management information accurately reflects the current control environment. Develop and maintain a strong understanding of LCH business services, objectives, and operational risks , and how these influence cyber and information security risk.
Identify key areas for improvement across cyber risk, control effectiveness, and governance. Support risk management decision making , including contributions to relevant risk forums and governance committees. Assist with the identification of emerging cyber and information security threats , supporting analysis and mitigation planning.
Build effective relationships across the business to gain a clear understanding of security related risks and priorities . Work closely with stakeholders across the three lines of defence on information security, cyber risk, and data privacy matters, including regulatory and legislative considerations.
Maintain awareness of emerging technologies and relevant security capabilities. Sustain a strong working understanding of the cyber threat landscape , particularly as it applies to Financial Market Infrastructure (FMI) organisations. Continuously develop knowledge of evolving cyber and information security risks .
Contribute to the articulation of appropriate cyber risk mitigations , explaining effectiveness and limitations clearly. Maintain awareness of key global data protection and privacy regulations relevant to LCH. Operates with a high degree of autonomy, managing responsibilities with minimal day to day supervision.
Brings a strong learning mindset and proactive attitude , actively seeking to broaden capability across cyber risk, controls, governance, and regulation. Experience in Information Security, Cyber Risk, Technology Risk, or Security Governance roles.
Strong conceptual knowledge of: + IAM / PAM + Infrastructure and platform technologies + Vulnerability management + Cloud and SaaS security concepts + SDLC principles Experience working with risk, controls, and governance processes. Excellent written and verbal communication skills.
Ability to operate independently and prioritise effectively.Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership , Excellence and Change underpin our purpose and set the standard for everything we do, every day.
They go to the heart of who we are and guide our decision making and everyday actions.LSEG (London Stock Exchange Group) is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.
Our culture of connecting, creating opportunity and delivering excellence shapes how we think, how we do things and how we help our people fulfil their potential.