Cybersecurity Governance and Risk Specialist

We7re looking for a Cybersecurity Governance and Risk Specialist to join our Cybersecurity team and its existing efforts to enhance, expand and champion our cybersecurity GRC activities.

In this role, you7ll collaborate with cross-functional teams to drive impactful improvements in cybersecurity governance and risk management while promoting a culture of collaboration, accountability and continuous growth. You will also contribute to shaping our overall cybersecurity strategy, ensuring alignment with industry best practices and regulatory requirements.

Additional responsibilities of this role will include:

• Developing, maintaining and communicating cybersecurity policies, and helping colleagues understand and apply those security policies to their daily work
• Monitoring compliance with internal policies, tracking exceptions and collaborating with teams on exploring alternative risk-reduction measures when necessary
• Monitoring regulatory requirements, noting any changes that could impact the firm and collaborating with the relevant teams to ensure we stay in compliance
• Performing control assessments, helping identify control gaps or weaknesses and working with the relevant teams to implement improvements to reduce our risk exposure
• Supporting the development, automation and maintenance of appropriate metrics to drive informed decision-making
• Performing third-party vendor assessments and working with stakeholders to address risks, contributing to the success of our third-party vendor risk management program
• Participating in the Cybersecurity teams general activities to stay connected with the team at large

About You

• Have experience of working in deeply technical environments often engaging with Software Engineers
• Experience in Cyber Security standards, regulatory requirements and audits that are not just relevant to finance.
• Familiar with auditing processes and have participated in both internal and external audits
• Have a positive and collaborative attitude; you understand that a key component of cybersecurity is bringing others along with you on the journey
• Work well with a team, and admit to and learn from mistakes
• Strong written and verbal communicator who can promote consistent messaging while tailoring information to suit the audience\’s needs
• Have a strong desire to grow your technical understanding of technology, cybersecurity and associated risks