Cyber Security Lead

London | Full-Time | 48000 - 84000 £ / year (est.) | No home office possible

At a Glance

  • Tasks: Lead compliance with European regulations and manage third-party risk in a dynamic tech environment.
  • Company: Join Ant International, a leader in digital payment solutions driving global commerce innovation.
  • Benefits: Enjoy flexible work options, competitive salary, and opportunities for professional growth.
  • Why this job: Be part of a mission-driven team enhancing digital capabilities for businesses worldwide.
  • Qualifications: 5+ years in GRC roles with expertise in GDPR, DORA, and third-party risk management required.
  • Other info: Certifications like CRISC or CISSP are preferred; equivalent experience will be considered.

The predicted salary is between 48000 and 84000 £ per year.

About Us: Ant International powers the future of global commerce with digital innovation for everyone and every business to thrive. In close collaboration with partners, we support merchants of all sizes worldwide to realise their growth aspirations through a comprehensive range of tech-driven digital payment and financial services solutions. Ant International strives to become the most trusted digital services connector to achieve sustainable growth of global commerce. With a focus on Travel, Trade, Technology, and Talent, Ant International is committed to enhancing the digital mindset and capacities of businesses worldwide. Through fostering collaborative efforts with partners, we are driving responsible innovation and increasing market accessibility for global SMEs.

Role Overview: As a GRC Lead, you will ensure alignment with European regulations (e.g., GDPR, DORA, PSD2 SCA, CSSF) and global standards (PCI DSS, SWIFT CSP). This role requires technical knowledge, strategic thinking, and expertise in managing third-party risk, outsourcing compliance, and identity governance to safeguard operational resilience.

What you will be doing:

  • Regulatory & Technical Compliance: Support compliance with GDPR and complementary regulations like DORA (Digital Operational Resilience Act), ensuring alignment in areas such as incident reporting and data protection. Translate requirements from PSD2 SCA, PCI DSS, and SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures.
  • Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. Ensure compliance with DORA's outsourcing requirements, including due diligence, contract oversight, and continuity planning.
  • Audit & Assurance: Participate in internal/external audits (ISO 27001, SOC 2) and regulatory examinations, focusing on third-party and outsourcing compliance. Remediate gaps in processes or documentation.
  • Risk Management: Maintain the enterprise risk register, prioritising risks tied to third-party dependencies, outsourcing, and ICT disruptions. Quantify risks using methodologies.
  • Technical Compliance & Security: Advise on vulnerability management, endpoint security (EDR/XDR), and cloud compliance. Good understanding of IAM (Identity and Access Management) strategies, including role-based access control (RBAC) and privileged access management (PAM). Conduct periodic user access reviews to ensure compliance with least privilege principles and regulatory requirements. Security awareness management experience.

What we are looking for:

  • 5+ years in GRC roles; financial services or banking.
  • Understanding of GDPR, DORA, PCI DSS, and outsourcing/third-party risk requirements.
  • Hands-on experience with ISO 27001 implementation and third-party risk tools.
  • Proficiency in IAM (Identity and Access Management) solutions and conducting user access reviews.
  • Familiarity with cloud technology and IT infrastructure.
  • Strong knowledge of NIST frameworks (CSF, 800-53) and CIS Controls.
  • Certifications: CRISC, CISSP, CISM, or CISA preferred (equivalent experience considered).

Cyber Security Lead employer: Ant Group

Ant International is an exceptional employer that champions innovation and collaboration, providing a dynamic work environment for its Cyber Security Lead role. With a strong commitment to employee growth, the company offers extensive training opportunities and fosters a culture of inclusivity and teamwork, all while being at the forefront of digital transformation in the financial services sector. Located in a vibrant area, employees benefit from a supportive atmosphere that encourages professional development and meaningful contributions to global commerce.

Contact Detail:

Ant Group Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Cyber Security Lead

✨Tip Number 1

Familiarise yourself with the specific regulations mentioned in the job description, such as GDPR and DORA. Being able to discuss these regulations confidently during your interview will demonstrate your expertise and understanding of the role.

✨Tip Number 2

Showcase your hands-on experience with ISO 27001 implementation and third-party risk tools. Prepare examples of how you've successfully managed compliance in previous roles, as this will highlight your practical knowledge and problem-solving skills.

✨Tip Number 3

Stay updated on the latest trends and challenges in cyber security, particularly in relation to financial services. Being able to discuss current events or recent changes in regulations can set you apart as a knowledgeable candidate.

✨Tip Number 4

Network with professionals in the cyber security field, especially those who have experience in GRC roles. Engaging in discussions or attending relevant events can provide insights and potentially lead to referrals that could help you land the job.

We think you need these skills to ace Cyber Security Lead

Regulatory Compliance Knowledge
Technical Security Controls Implementation
Third-Party Risk Management
Outsourcing Compliance
Identity and Access Management (IAM)
Vulnerability Management
Endpoint Security (EDR/XDR)
Cloud Compliance
ISO 27001 Implementation
NIST Frameworks (CSF, 800-53)
CIS Controls Knowledge
Risk Assessment Methodologies
Audit and Assurance Experience
Security Policy Development
Strong Communication Skills
Strategic Thinking

Some tips for your application 🫡

Understand the Role: Before applying, make sure you fully understand the responsibilities and requirements of the Cyber Security Lead position. Familiarise yourself with key regulations like GDPR, DORA, and PCI DSS, as well as the specific skills needed for the role.

Tailor Your CV: Customise your CV to highlight relevant experience in GRC roles, particularly in financial services or banking. Emphasise your hands-on experience with ISO 27001 implementation and third-party risk management tools, as these are crucial for the position.

Craft a Compelling Cover Letter: Write a cover letter that showcases your strategic thinking and technical knowledge. Discuss how your experience aligns with the company's goals and how you can contribute to their mission of enhancing digital commerce.

Proofread and Edit: Before submitting your application, carefully proofread your documents for any spelling or grammatical errors. A polished application reflects your attention to detail, which is essential in the field of cyber security.

How to prepare for a job interview at Ant Group

✨Know Your Regulations

Familiarise yourself with key regulations like GDPR, DORA, and PCI DSS. Be prepared to discuss how these regulations impact the role and how you can ensure compliance within the organisation.

✨Demonstrate Technical Knowledge

Showcase your understanding of technical security controls and frameworks such as ISO 27001 and NIST CSF. Be ready to provide examples of how you've implemented these in previous roles.

✨Highlight Risk Management Experience

Discuss your experience with third-party risk management and how you've designed programs to assess vendors. Use specific examples to illustrate your approach to managing risks associated with outsourcing.

✨Prepare for Scenario-Based Questions

Anticipate scenario-based questions that test your problem-solving skills in real-world situations. Think about past experiences where you had to address compliance issues or manage security incidents.
