Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead and analyze information security strategies and risk management for FTSE Russell.
- Company: LSEG is a trusted global financial markets infrastructure and data provider.
- Benefits: Enjoy a dynamic work environment with opportunities for professional growth and development.
- Why this job: Join a team that drives cyber initiatives and enhances security across the organization.
- Qualifications: Proven experience in senior InfoSec roles, strong communication skills, and knowledge of cyber threats.
- Other info: Certifications like CISSP or CISM are a plus; thrive in a fast-paced, high-volume workload.
The predicted salary is between 54000 - 84000 £ per year.
Senior Manager, Business Information Security
LSEG is your trusted global financial markets infrastructure and data provider. Discover how we deliver value for our customers.
Reviewing and assessing the information security and cyber controls that enables FTSE Russell to conduct its business in a secure manner, and gap analysis of the same and the oversight of InfoSec/Cyber related control gap/risk remediation activities.
Lead and analyse the information security roadmaps, strategies, programmes, and projects within FTSE Russell, identifying and reporting risks, trends, and future opportunities for improvement and enhancement, proactively engaging and working closely with the technology and cyber teams.
Provide updates to the FTSE Russell management from the three lines of defence regarding the delivery and progress of the various strategic cyber initiatives and broader cyber programme within LSEG.
Engage with external third parties who provide services to FTSE Russell and work closely with the established internal third-party oversight functions to ensure appropriate and contracted levels of security are met.
Establish and maintain a Cyber Risk Profile of FTSE Russell in line with other areas of LSEG and assist with the establishment towards maintenance of a Risk Control Assessment (RCA) that focuses on InfoSec/Cyber risks and associated controls.
Drive established key performance indicators including executive level presentation materials and key risk indicators, ensuring that all management information (MI) is an accurate reflection of the current control’s estate.
Assess the security architecture solution designs and risk position of projects and initiatives undertaken by FTSE Russell, working closely with associated SMEs and design authorities to ensure projects are delivered in compliance with Policies and Standards, and with security design principles considered/implemented as key success results.
Develop business goals and operational risks, identifying key areas for improvement and supporting the risk management decision processes and risk forums/committees.
Assist with the identification of emerging information and cyber security threats to the business, leading all aspects of risk mitigation plans and building positive relationships within the business to gain an understanding of security-related business risks.
Work closely with governance stakeholders in the 1st, 2nd, and 3rd lines of defence on all matters relating to information security, cyber risk, data privacy, including all regulatory and legislative considerations.
Constructively and pragmatically challenge established controls to ensure, recommend, and accommodate continuous improvement, ensuring management understands their responsibilities in relation to security risk mitigation and remediation.
Monitor industry information security trends and keep the business leadership informed about information security-related issues and activities potentially affecting the organisation and specific business functions.
Review and document the technologies and security controls across the firm, including areas such as office spaces, data centres, and cloud.
Implement and conclude the security controls maturity assessments against industry standards such as the NIST Cyber Security Framework, ISO27001/2, SOC2.
Review and respond appropriately to regulatory and legislative matters, producing and presenting risks and risk postures/cyber maturity to senior/executive bodies.
Build knowledge of business units by assisting them with their security workloads, agendas, and difficulties, maintaining a balanced relationship with risk, compliance, legal, human resources, and internal and external audit functions.
Key Skills
- Knowledge of technology, security, and threat landscapes.
- Staying abreast of emerging technologies, including all security technologies.
- Sustaining a deep and in-depth knowledge of the cyber threat landscape.
- Maintaining and constantly enriching knowledge of information security and cyber risks as they develop.
- Ability to propose and explain appropriate cyber risk countermeasures clearly and concisely.
- Remaining informed and knowledgeable on primary global data protection regulations and legislation.
- Proven track record in senior InfoSec management roles, including presentations to Boards and regulatory engagement.
- Extensive previous exposure to FS or FMI industry organisations.
- High performance in problem solving, innovating, and critical thinking.
- Excellent written/verbal communication and stakeholder leadership skills.
- Ability to clearly articulate ideas to both technical and non-technical audiences.
- Must be capable of working pragmatically and efficiently in both a team and alone.
- Able to prioritise efficiently and appropriately with minimal supervision.
- Able to work in a fast-paced, high-volume workload environment, prioritising accordingly.
Desirable & Advantageous Certifications:
- CISSP-ISSAP, CISSP-ISSEP, CISM, CCSP, CCSK, CEH.
- ISO27K, ISF SOGP, NIST CSF, CIS, CSA STAR, CBEST, TIBER-EU, SOC2.
#J-18808-Ljbffr
Senior Manager, Business Information Security employer: LSEG
Contact Detail:
LSEG Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Manager, Business Information Security
✨Tip Number 1
Make sure to stay updated on the latest trends in information security and cyber threats. This knowledge will not only help you during interviews but also demonstrate your commitment to the field.
✨Tip Number 2
Network with professionals in the financial services and infrastructure sectors. Engaging with industry peers can provide insights into the role and may even lead to referrals.
✨Tip Number 3
Familiarize yourself with the specific regulatory and legislative considerations relevant to the role. Being able to discuss these topics confidently can set you apart from other candidates.
✨Tip Number 4
Prepare to discuss your experience with risk management and how you've successfully implemented security controls in previous roles. Real-world examples will showcase your expertise effectively.
We think you need these skills to ace Senior Manager, Business Information Security
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in information security and cyber risk management. Use specific examples that demonstrate your ability to lead and analyze security roadmaps, as well as your familiarity with industry standards like NIST and ISO27001.
Craft a Compelling Cover Letter: In your cover letter, express your passion for information security and your understanding of the financial markets infrastructure. Discuss how your previous roles have prepared you for the responsibilities outlined in the job description, particularly in engaging with technology and cyber teams.
Highlight Key Skills: Clearly outline your knowledge of technology, security, and threat landscapes in your application. Emphasize your proven track record in senior InfoSec management roles and your ability to communicate effectively with both technical and non-technical audiences.
Showcase Certifications: If you hold any relevant certifications such as CISSP, CISM, or ISO27K, make sure to include them prominently in your application. This will demonstrate your commitment to professional development and your expertise in the field.
How to prepare for a job interview at LSEG
✨Understand the Cyber Threat Landscape
Make sure to familiarize yourself with the latest trends and emerging threats in the cyber security space. Being able to discuss current challenges and how they relate to the company's operations will demonstrate your expertise and proactive approach.
✨Showcase Your Leadership Skills
Prepare examples of how you've successfully led teams or projects in previous roles, especially in high-pressure environments. Highlight your ability to communicate effectively with both technical and non-technical stakeholders, as this is crucial for the role.
✨Be Ready for Technical Questions
Expect to be asked about specific security frameworks and standards, such as NIST or ISO27001. Brush up on these topics and be prepared to explain how you have applied them in past experiences.
✨Demonstrate Your Problem-Solving Abilities
Think of scenarios where you've had to tackle complex security issues. Be ready to discuss your thought process and the steps you took to resolve these challenges, showcasing your critical thinking and innovative solutions.
