At a Glance
- Tasks: Join a team to enhance global cybersecurity and manage risk and compliance.
- Company: Leading financial services firm focused on best-in-class security.
- Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
- Other info: Dynamic role with exposure to diverse business operations and career advancement.
- Why this job: Make a real difference in protecting vital information and systems.
- Qualifications: Experience in cybersecurity frameworks and strong communication skills required.
The predicted salary is between 50000 - 70000 Β£ per year.
The Engineer, Information Security GRC (Governance, Risk, and Compliance) is part of a team responsible for the global Information Security program. The role would gain exposure to the full suite of businesses and products which underpin the Parent Intercontinental Exchange (ICE) company.
Information Security (IS) is charged with:
- Preventing impactful cybersecurity and physical security incidents
- Maintaining a reputation with customers, regulators, and key stakeholders as running a best-in-class cybersecurity and physical security program
- Avoiding negative impact to business agility and growth from cybersecurity and physical security policies and controls
Governance, Risk, and Compliance maintain said policies, ensure controls are operating effectively via assessment and attestation, and own the vulnerability management program to identify and correct any problems within.
Responsibilities
- Security Metrics β Uses automated and manual processes to produce regular reports communicating the status of the Information Security program
- Policies and Procedures β Maintains corporate Information Security policies and departmental procedures and maps them to relevant control standards
- Regulator, Audit, and Customer Inquiries β Organizes and updates departmental documentation and responds to inquiries in an organized and repeatable fashion
- Recertification β Operates periodic processes to ensure hire, transfer, and termination protocols are complied with and regular access reviews are conducted
- Security Awareness β Builds and maintains company awareness and education programs
- Risk Assessment β Builds and operates the company platform to document, measure, and report assessments, risks, controls, findings, and remediation activity
Knowledge and Experience
- Experience in Cybersecurity Framework (such as NIST, COBIT)
- Experience with Systems Administration and/or IP Networking is a plus
- Experience with Regulatory Compliance
- Experience in an exchange, trading facility, or financial services a plus
- Experience in Customer communication and Vendor evaluation
- Experience with senior management and board metrics generation and communication
- Advanced certifications (for example, the CISSP)
- Advanced technical writing and/or communication education and experience
- University degree in Information Security, Engineering, or similar experience
Specific Technologies:
- Excel, Workflow automation tools, Data collection, normalization, indexing, correlation, and visualization
- Scripting, regular expressions, string-parsing, light SDLC, and project management
- NIST Cyber Security Framework, CIS, and GRC Platforms
Engineer, Information Security GRC in London employer: ICE Clear Europe Limited
ICE Clear Europe Limited is an exceptional employer, offering a dynamic work environment in the heart of London where innovation and collaboration thrive. With a strong focus on employee growth, we provide ample opportunities for professional development and career advancement, alongside a supportive culture that values teamwork and excellence in project delivery. Join us to be part of a forward-thinking company that champions Agile methodologies and empowers its employees to lead impactful software initiatives.