Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead efforts in managing cyber risk and ensuring compliance with regulations.
- Company: Join Cantor Fitzgerald, a global leader in financial services and information security.
- Benefits: Enjoy flexible work options, competitive salary, and professional development opportunities.
- Why this job: Make an impact by enhancing security practices and protecting organisational assets.
- Qualifications: 6+ years in Governance Risk and Compliance; degree in IT or Cybersecurity preferred.
- Other info: Work with diverse global teams and stay ahead of emerging technologies.
The predicted salary is between 48000 - 72000 £ per year.
Cantor Fitzgerald’s Global Information Security team is seeking a Governance, Risk, and Compliance (GRC) Lead with expertise on managing cyber risk, ensuring compliance with regulatory requirements, and maintaining corporate controls. This role will be primarily responsible for leading efforts related to third-party risk management, client due diligence, awareness training, and regulatory compliance.
Governance Risk and Compliance:
- Advise project teams, application owners, infrastructure services, and other IT teams on information security controls, such as access management, incident handling, business continuity, system development lifecycle, threat and vulnerability management, and data protection.
- Identify and manage risks and vulnerabilities, providing strategic mitigation recommendations.
- Continuously improve policies and procedures related to controls and operational processes.
Third-Party Risk Management:
- Conduct risk assessments of new and existing third-party vendors to ensure compliance with company policies and regulatory requirements. This includes reviewing security controls, attestation reports, compliance certifications, and pertinent policies and processes related to threat and vulnerability management.
- Manage and respond to due diligence inquiries from clients, providing accurate and timely information to support their compliance and risk assessment processes, while ensuring adherence to company policies and regulatory standards.
Training and Awareness:
- Develop and deliver training programs to educate internal stakeholders and third-party vendors on information security best practices and risk management procedures. This includes annual mandatory training, simulated phishing campaigns, and ongoing firm-wide communications.
- Facilitate a risk acceptance program aimed at enhancing governance surrounding potential deviations from information security policies.
Support organizational compliance by ensuring security controls align with regulatory and industry standards. Oversee the remediation process for findings originating from internal and external audits, risk assessments, and other control evaluations. Conduct technical training and knowledge-sharing sessions to ensure effective execution of the processes.
Outstanding written and verbal communication skills in English. Experience working with global teams across multiple time zones, cultures, and languages. Strong understanding of cybersecurity frameworks and practices to safeguard organizational assets. Ability to stay abreast of emerging technologies and evolving regulatory landscapes.
Bachelor’s degree in Information Technology, Cybersecurity, Business Administration, or a related field (or equivalent experience). 6+ years of experience in Governance Risk and Compliance with a focus on cybersecurity and technology management.
Lead Information Security employer: BGC Group
Contact Detail:
BGC Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Lead Information Security
✨Tip Number 1
Network with professionals in the cybersecurity and GRC fields. Attend industry conferences, webinars, or local meetups to connect with others who work in similar roles. This can help you gain insights into the company culture at Cantor Fitzgerald and may even lead to referrals.
✨Tip Number 2
Familiarise yourself with the latest cybersecurity frameworks and compliance regulations relevant to the role. Being well-versed in these areas will not only boost your confidence but also demonstrate your commitment to staying updated in a rapidly evolving field.
✨Tip Number 3
Prepare to discuss real-world scenarios where you've successfully managed risks or improved compliance processes. Use the STAR method (Situation, Task, Action, Result) to structure your responses, showcasing your problem-solving skills and strategic thinking.
✨Tip Number 4
Research Cantor Fitzgerald’s recent projects or initiatives related to information security. Being able to reference specific examples during your discussions will show your genuine interest in the company and how you can contribute to their goals.
We think you need these skills to ace Lead Information Security
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Governance, Risk, and Compliance (GRC) specifically related to cybersecurity. Use keywords from the job description to demonstrate your fit for the role.
Craft a Compelling Cover Letter: In your cover letter, explain why you are passionate about information security and how your background aligns with the responsibilities outlined in the job description. Mention specific experiences that showcase your expertise in managing cyber risk and compliance.
Showcase Communication Skills: Since outstanding written and verbal communication skills are essential for this role, consider including examples of how you've effectively communicated complex information to diverse audiences in your application materials.
Highlight Training Experience: If you have experience developing or delivering training programs, be sure to include this in your application. Discuss any specific training initiatives you've led that relate to information security best practices or risk management.
How to prepare for a job interview at BGC Group
✨Showcase Your Expertise
Make sure to highlight your experience in Governance, Risk, and Compliance during the interview. Be prepared to discuss specific examples of how you've managed cyber risks and ensured compliance with regulatory requirements in previous roles.
✨Understand Their Needs
Research Cantor Fitzgerald’s Global Information Security team and understand their specific challenges and goals. Tailor your responses to demonstrate how your skills can directly address their needs, especially in areas like third-party risk management and regulatory compliance.
✨Communicate Clearly
Since outstanding written and verbal communication skills are essential for this role, practice articulating your thoughts clearly and concisely. Use examples to illustrate your points, especially when discussing complex topics like cybersecurity frameworks and incident handling.
✨Prepare for Scenario Questions
Expect scenario-based questions that assess your problem-solving abilities in real-world situations. Prepare to discuss how you would handle specific risks or compliance issues, and be ready to provide strategic mitigation recommendations based on your past experiences.
