Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead cybersecurity governance and audit functions with a focus on Identity and Access Management.
- Company: Join a dynamic team at London Stock Exchange Group, a leader in financial markets.
- Benefits: Competitive salary, professional development, and a collaborative work environment.
- Why this job: Shape the future of cybersecurity governance and make a real impact.
- Qualifications: 7+ years in cybersecurity governance, risk, and audit; strong IAM expertise required.
- Other info: Be part of a diverse culture that values innovation and sustainability.
The predicted salary is between 36000 - 60000 £ per year.
We are looking for a dynamic and influential Lead, Security Controls Specialist to lead our Cybersecurity Governance & Audit function with a solid focus on Identity and Access Management (IAM). This is a high-impact role at the intersection of cybersecurity, compliance, and identity governance, ideal for a seasoned professional who thrives in complex, regulated environments. You will be responsible for shaping and maturing our cybersecurity governance framework, leading external audit and regulatory engagements, and serving as a trusted advisor to both internal and external stakeholders. You will play a critical role in articulating our IAM architecture and control posture to clients, auditors, and regulators, ensuring transparency, assurance, and continuous improvement.
The ideal candidate brings deep expertise in IAM governance, Privileged Access Management (PAM), and Identity Governance and Administration (IGA), along with the confidence to challenge evidence, defend control design, and drive audit readiness across the enterprise.
Key Responsibilities- Governance & Compliance
- Lead the development, implementation, and continuous improvement of cybersecurity governance frameworks, policies, and standards.
- Ensure alignment with regulatory requirements (e.g., ISO 27001, NIST, GDPR, SOX).
- Drive policy adoption and compliance across business units and technology teams.
- Audit Management
- Own the end-to-end process for external cybersecurity and identity-related audits, including planning, coordination, evidence collection, and response to observations.
- Act as the main point of contact for external auditors, regulators, and third-party assurance teams.
- Support client audits and due diligence activities by articulating the organisation’s IAM architecture, controls, and operational processes.
- Review and challenge audit evidence to ensure accuracy, completeness, and relevance.
- Track and manage audit findings, ensuring timely remediation and closure.
- Collaborate with internal teams to ensure audit readiness and continuous improvement of control environments.
- IAM Governance
- Lead the strategic development and continuous improvement of IAM governance frameworks, ensuring alignment with enterprise security architecture and zero trust principles.
- Define and enforce policies for identity lifecycle management, access provisioning/deprovisioning, and role engineering across hybrid environments (cloud/on-prem).
- Oversee technical governance of PAM and IGA platforms, including integration with SIEM, ITSM, and HR systems.
- Drive automation and analytics in IAM processes to improve efficiency, reduce risk, and support audit readiness.
- Collaborate with IAM engineering and operations teams to ensure secure implementation of access controls, including API-level enforcement and dynamic access policies.
- Establish and monitor IAM governance KPIs (e.g., access review completion rates, orphaned accounts, SoD violations) and report to senior leadership.
- Risk & Controls
- Oversee the design and effectiveness of cybersecurity controls across the organisation.
- Conduct control assessments and gap analyses to identify areas of improvement.
- Collaborate with internal teams to define and implement risk mitigation strategies.
- Stakeholder Engagement
- Build strong relationships with internal and external stakeholders, including IT, Legal, Risk, Business Units, clients, auditors, and regulators.
- Represent the IAM function in external forums, including regulatory reviews, client assurance meetings, and third-party risk assessments.
- Provide clear, concise, and actionable reporting to senior leadership and governance committees.
- Educate and influence stakeholders on cybersecurity governance, IAM architecture, and audit readiness.
- Proven experience (7+ years) in cybersecurity governance, risk, and audit within a complex enterprise environment.
- Strong understanding of audit methodologies and regulatory frameworks (ISO 27001, NIST).
- Deep technical understanding of IAM architecture, protocols (SAML, OAuth, OpenID Connect), and directory services (LDAP, AD, Azure AD).
- Experience designing and implementing scalable IAM solutions in complex, multi-cloud environments.
- Familiarity with identity threat detection and response capabilities.
- Proven ability to translate business requirements into secure and compliant IAM solutions.
- Demonstrated ability to manage external audits and confidently engage with auditors.
- Experience reviewing and challenging technical and procedural evidence.
- Strong knowledge of IAM principles and governance.
- Hands-on experience with PAM solutions (BeyondTrust/CyberArk) and IGA platforms (e.g. SailPoint).
- Excellent communication and stakeholder management skills.
- Strong analytical and problem-solving capabilities.
- Relevant certifications (e.g., CISA, CISM, CRISC, CISSP) preferred.
- Strategic thinker with a pragmatic approach to governance and compliance.
- Ability to influence and drive change across diverse teams.
- Comfortable working in high-pressure environments with tight deadlines.
- Experience in regulated industries (e.g., financial services, healthcare, utilities) is a plus.
- Competitive salary and benefits package.
- Opportunity to shape and lead cybersecurity governance in a dynamic organisation.
- Collaborative and inclusive work environment.
- Professional development and certification support.
Lead, Security Controls Specialist, IAM in London employer: London Stock Exchange Group
Contact Detail:
London Stock Exchange Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Lead, Security Controls Specialist, IAM in London
✨Tip Number 1
Network like a pro! Reach out to your connections in the cybersecurity field, especially those who work in IAM. A friendly chat can lead to insider info about job openings or even referrals that could give you a leg up.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of IAM frameworks and compliance standards. Be ready to discuss how you've tackled challenges in previous roles, as this will show your expertise and confidence in the field.
✨Tip Number 3
Don’t just apply; engage! When you submit your application through our website, follow up with a quick email to express your enthusiasm for the role. This shows initiative and keeps you on the radar of hiring managers.
✨Tip Number 4
Stay updated on industry trends and news. Being knowledgeable about the latest in cybersecurity governance and IAM will not only help you in interviews but also position you as a thought leader among your peers.
We think you need these skills to ace Lead, Security Controls Specialist, IAM in London
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in IAM and cybersecurity governance. We want to see how your skills align with the role, so don’t hold back on showcasing your relevant achievements!
Showcase Your Expertise: When detailing your experience, focus on your deep understanding of IAM architecture and audit methodologies. We’re looking for someone who can confidently engage with auditors, so share examples that demonstrate your ability to challenge evidence and drive audit readiness.
Be Clear and Concise: Keep your application straightforward and to the point. Use clear language to articulate your thoughts, especially when discussing complex topics like cybersecurity frameworks and compliance. We appreciate clarity as much as we value expertise!
Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way for us to receive your details and ensures you’re considered for this exciting opportunity. We can’t wait to hear from you!
How to prepare for a job interview at London Stock Exchange Group
✨Know Your IAM Inside Out
Make sure you have a solid grasp of Identity and Access Management principles, especially around Privileged Access Management and Identity Governance. Be ready to discuss specific frameworks like ISO 27001 and NIST, and how they apply to the role.
✨Prepare for Audit Scenarios
Since this role involves managing audits, think about past experiences where you've led or participated in audits. Prepare to share examples of how you handled evidence collection and responded to findings, showcasing your ability to challenge and defend control designs.
✨Showcase Your Stakeholder Engagement Skills
This position requires strong communication with various stakeholders. Be prepared to discuss how you've built relationships with internal teams and external auditors, and how you’ve influenced compliance and governance across different business units.
✨Demonstrate Strategic Thinking
Think about how you can contribute to the continuous improvement of cybersecurity governance frameworks. Be ready to discuss your approach to aligning IAM strategies with enterprise security architecture and how you would drive policy adoption across teams.
