Technical Specialist – Regulatory
Financial Conduct Authority
Cyber Governance and Compliance Analyst
The Ardonagh Group
full-time
Posted on:
Location: 🇬🇧 United Kingdom
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
Cyber Security
About the role
- Ensure cyber risk management and governance frameworks are effectively implemented and maintained
- Collaborate with Cyber Governance, Education, and Awareness Analyst to develop and enhance cyber risk posture
- Support maintaining information and Cyber Security governance artefacts (Policies, Business Standards, Cyber Metrics)
- Assist Operational Teams with processes and procedures, providing reviews, advice, and contributions to procedural documents
- Support in developing, maintaining and updating Cyber Education and Awareness content
- Conduct ad-hoc reviews and oversight of operational access management processes to ensure effectiveness
- Leverage Everywhen risk framework to identify, analyse and manage cyber risk within the estate
- Manage and assist in completing cyber due-diligence requests for clients and internal stakeholders
- Manage and assist in cyber security assessments for new mergers and acquisitions
- Apply assurance processes to identify and register cyber risks
- Collaborate with the IT Governance function to identify significant areas of IT risk
- Track, manage and report risk, control and deviation remediation activities
- Update the risk register of information assets with risks associated with each asset
- Maintain the risk register of exceptions, assess and record the risk associated with any exceptions
Requirements
- Experience in cybersecurity governance, risk manager or compliance roles in an IT setting
- Ideally experience for an insurance provider/broker or at least in financial services market
- A degree in Cybersecurity, Information Technology, Information Systems, or a related field
- Relevant qualifications such as CISA, CISSP or CISM desirable
- Cyber security experience within a large complex corporate regulated environment
- Familiarity with cybersecurity regulations and frameworks (e.g., NIST, CIS, GDPR)
- Strong understanding of cybersecurity principles, threats, and risk management practices
- Proficiency in security tools and technologies
- Knowledge of data protection and privacy laws relevant to the organisation
- Ability to work under pressure, prioritise and manage own workload with autonomy
- Excellent analytical and problem-solving skills
- Strong communication skills across all mediums
- Ability to work collaboratively and build relationships with stakeholders at all levels
- Proactive and able to manage multiple tasks in a fast paced environment
