Information Security Officer - Post Trade, LCH Ltd

Information Security Officer - Post Trade, LCH Ltd

Full-Time 70000 - 90000 £ / year (est.) No working from home possible
Dormont Manufacturing Co

At a Glance

  • Tasks: Oversee information security and cyber controls, ensuring business systems are protected.
  • Company: Join LCH Ltd., a leading firm in the financial services industry.
  • Benefits: Competitive salary, diverse work environment, and opportunities for professional growth.
  • Other info: Be part of a collaborative team focused on continuous improvement and risk management.
  • Why this job: Make a real impact on cybersecurity in a dynamic and innovative setting.
  • Qualifications: 10+ years in InfoSec management, with strong knowledge of security technologies.

The predicted salary is between 70000 - 90000 £ per year.

The purpose of this role is to assist the Director of Business Information Security (BISO) in all security matters relating to the oversight of Information and Cyber Security within the LCH Ltd. business line of LSEG’s Post Trade division. The successful candidate will be charged with ensuring that the critical business systems and data assets of LCH Ltd. are adequately protected, and that all related information security and cyber controls remain effective and within risk appetite and/or have appropriate risk treatment plans in place to bring them back into risk appetite.

This role is best suited for an experienced Information Security Manager with extensive experience in senior management level InfoSec/Cyber roles within the FS or FMI industries. The successful candidate must be a subject matter expert in Information Security, with a strong knowledge of information security and cyber security, in-depth knowledge of legacy, existing, and emerging technologies including cloud and security technologies/controls, and a solid Security Governance Risk and Compliance (Security‑GRC) skillset. A prior background in information security engineering, vulnerability management, security architecture, and security operations is advantageous.

Key responsibilities
  • Assisting in the oversight of Information Security by reviewing and assessing the information security and cyber controls that enable LCH Ltd. to conduct its business in a secure manner, and performing gap analysis.
  • Overseeing InfoSec/Cyber related control gap/risk remediation activities.
  • Monitoring and analysing the information security roadmaps, strategies, programmes, and projects within LCH Ltd., and identifying and reporting risks, trends and future opportunities for improvement.
  • Proactively engaging and working closely with the technology and cyber teams that are delivering technology and cyber services to the firm.
  • Attending risk and governance meetings to provide updates to the LCH Ltd. stakeholders from the three lines of defence regarding the delivery and progress of the various strategic cyber initiatives and broader cyber programme within LSEG.
  • Working with colleagues from the three lines of defence to define the current risk posture of LCH Ltd. and collaborating with those stakeholders to remediate identified risks/issues.
  • Engaging with external third parties who provide services to LCH Ltd. and working closely with the established internal third‑party oversight functions to ensure appropriate and contracted levels of security are met.
  • Establishing and maintaining a Cyber Risk Profile of LCH Ltd. in line with other areas of LSEG.
  • Assisting with the establishment and maintenance of a Risk Control Assessment (RCA) that focuses on InfoSec/Cyber risks and associated controls.
  • Maintaining the established key performance and key risk indicators and ensuring that all management information is an accurate reflection of the current control estate.
  • Maintaining an accurate set of executive level presentation materials that clearly and accurately present the current state of security control within LCH Ltd.
  • Assessing the security architecture solution designs and risk position of projects and initiatives undertaken by LCH Ltd. and working closely with associated SMEs and design authorities to ensure projects are delivered in compliance with Policies and Standards, and with security design principles considered/implemented as key success deliverables.
Engagement with the business to:
  • Develop an understanding of business goals and operational risks.
  • Identify key areas for improvement.
  • Support risk management decision processes and risk forums/committees.
  • Assist with the identification of emerging information and cyber security threats to the business, and the subsequent analysis to realise and oversee risk mitigation plans.
  • Build strong relationships within the business to gain an understanding of security‑related business risks.
  • Work closely with governance stakeholders in the 1st, 2nd, and 3rd lines of defence on all matters relating to information security, cyber risk, data privacy, including all regulatory and legislative considerations.
Embedding Cyber across the firm by:
  • Working closely with all necessary stakeholders in the business and technology areas to ensure compliance with established LSEG policies, standards, and procedures.
  • Constructively and pragmatically challenging established controls to ensure, recommend, and accommodate continuous improvement.
  • Ensuring LCH Ltd. stakeholders understand their responsibilities in relation to security risk mitigation and remediation.
  • Monitoring industry information security trends and keeping business leadership informed about information security‑related issues and activities potentially affecting the organisation and specific business functions.
Security Governance, Technical, and Risk Review:
  • The review and documentation of technologies and security controls across the firm, including areas such as office spaces, data centres and cloud.
  • Executing and concluding security controls maturity assessments against industry standards such as the NIST Cyber Security Framework, ISO27001/2, SOC2.
  • Working closely with stakeholders to review all projects and initiatives, assessing them for appropriate/correct levels of security design and controls.
  • Identification of technology and security risks across the firm and the assessment and appropriate risk scoring and presentation of the same.
  • Producing appropriate risk remediation action plans and taking ownership of risk treatment proposals and action plans.
  • Reviewing and appropriately responding to regulatory and legislative matters.
  • Producing and presenting risks and risk postures / cyber maturity to senior/executive bodies.
  • Being able to clearly and precisely present complex cyber risk matters to clients and regulators.
Partnering with the different business control functions:
  • Build knowledge of business units by assisting them with their security workloads, agendas, and difficulties.
  • Maintaining a balanced relationship with risk, compliance, legal, human resources, and internal and external audit functions.
Knowledge of technology, security, and threat landscapes:
  • Staying abreast of emerging technologies, including all security technologies.
  • Sustaining a deep and in‑depth knowledge of the cyber threat landscape.
  • Maintaining and constantly enriching knowledge of information security and cyber risks as they develop.
  • Being able to propose and explain appropriate cyber risk counter measures clearly and concisely.
  • Remaining informed and knowledgeable on primary global data protection regulations and legislation.
Experience and core skill requirements
  • 10 years minimum experience in senior InfoSec management roles.
  • Extensive previous exposure to FS or FMI industry organisations.
  • High performance in problem solving, innovating and critical thinking.
  • Excellent written and verbal communication and stakeholder management skills.
  • Ability to articulate ideas to both technical and non‑technical audiences.
  • Capable of working pragmatically and efficiently in both a team and alone.
  • Ability to prioritise workloads efficiently and appropriately with minimal supervision.
  • Ability to work in a fast paced, high‑volume workload environment, prioritising accordingly.
Must Have Security Certifications
  • CISSP
Desirable & Advantageous Certifications
  • CISSP‑ISSAP
  • CISSP‑ISSEP
  • PCISM
  • CCSP
  • CCSK
  • CEH
Working knowledge of Security Standards / Frameworks
  • ISO27K
  • ISF SOGP
  • NIST CSF
  • CISSP
  • CSA STAR
  • CBEST
  • TIBER‑EU
  • SOC2

Information Security Officer - Post Trade, LCH Ltd employer: Dormont Manufacturing Co

LCH Ltd, part of the London Stock Exchange Group, is an exceptional employer that prioritises a culture of collaboration and innovation within the dynamic financial services sector. Employees benefit from comprehensive professional development opportunities, a commitment to diversity and inclusion, and a supportive work environment that encourages proactive engagement with cutting-edge technology and security practices. Located in a vibrant city, LCH Ltd offers a unique chance to contribute to critical information security initiatives while enjoying a fulfilling career path in a forward-thinking organisation.

Dormont Manufacturing Co

Contact Details:

Dormont Manufacturing Co Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Information Security Officer - Post Trade, LCH Ltd

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Dormont Manufacturing Co, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through Dormont Manufacturing Co

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Dormont Manufacturing Co. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Information Security Officer - Post Trade, LCH Ltd

Information Security Management
Cyber Security Expertise
Security Governance Risk and Compliance (Security-GRC)
Vulnerability Management
Security Architecture
Risk Assessment
Cloud Security Technologies

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Dormont Manufacturing Co insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Dormont Manufacturing Co that you’re committed to staying ahead in the game.

How to prepare for a job interview at Dormont Manufacturing Co

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at Dormont Manufacturing Co to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Dormont Manufacturing Co.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.