Audit & Regulatory Governance Manager

---

Job description

Join an established financial services company

Senior Manager, Audit & Regulatory Governance - Technology

Provides Oversight and primary liaison for all Cybersecurity audit & regulatory engagements.

Key Responsibilities

* Take ownership of the first line cyber regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with best practice
* Act as the point of contact for all cyber related Internal Audit and External audit actions undertaken.
* Responsible for developing and maintaining a central repository of Cybersecurity regulatory guidance aligned to NIST FSSCC and Cybersecurity Standards with workflow delivering timely evidence and responses to regulatory exams, questionnaires, and assessments.
* Develop a centralised repository of Cybersecurity audit & regulatory evidence and responses for re-use and with reporting.
* Responsible for developing and maintaining a combined (COMCO) central repository of customer responses (RFI's) to NIST FSSCC with workflow delivering timely, consistent responses to RFIs.
* Develop a centralised repository of RFI responses for re-use and with reporting.
* Engage partners in governance forums for awareness and resolve critical issues.
* Work closely with Compliance and second line of defence teams to ensure all regulatory and customer responses are addressed in a timely manner.
* Oversight and management of direct reports required to deliver against LSEG's regulatory and customer obligations.
* Work with senior stakeholder management to ensure conformance with Regulatory, Company and Industry standards
* Reporting regular updates to relevant committees and management teams, including producing the required Metrics

Leadership responsibilities

* The role is expected to motivate and lead a team of analysts and will be seen by stakeholders as a trusted partner in a 'high support and high challenge' relationship.
* Experience
* Understanding and working knowledge of control frameworks based on industry best practices such as NIST, COBIT, and ISO27001.
* Understanding of key regulatory requirements for technology and cyber security in the main LSEG operating centres
* Cyber security qualification e.g. CISSP \/ CISM (desirable)
* Information Security auditing qualification e.g. CISA (desirable)
* Demonstrable working knowledge and understanding of key cyber security controls such as Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
* Degree or Masters qualification in Cyber, Information Security or IT management (desirable)

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk