At a Glance
- Tasks: Lead cyber risk management and ensure robust security policies are in place.
- Company: Join a leading organisation focused on cybersecurity and risk governance.
- Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
- Why this job: Make a real impact by safeguarding technology and ensuring compliance with industry standards.
- Qualifications: Experience in Information Security and Risk Management; strong communication skills.
- Other info: Dynamic role with opportunities to work across various teams and enhance your career.
The predicted salary is between £36,000 and £60,000 per year.
The Cyber Risk, Standards & Governance Analyst plays a critical role in safeguarding the organization’s technology ecosystem by ensuring that robust cybersecurity policies, standards, and governance frameworks are in place and consistently applied. This position is central to embedding effective cyber risk management practices across the enterprise, enabling secure operations while meeting regulatory and compliance obligations. You will act as a trusted advisor and connector between security, engineering, risk, and audit teams, ensuring that security requirements are practical, actionable, and aligned with business objectives. By maintaining clear and current standards, driving compliance with industry certifications, and providing oversight on risk remediation, you will help the organization reduce exposure to cyber threats and maintain resilience in an evolving risk landscape.
Why this role matters:
- Ensures that critical assets, data, and systems remain secure against emerging threats.
- Maintains adherence to regulatory requirements and external certifications (ISO 27001, SOC 2), reducing audit findings and reputational risk.
- Provides governance and risk assurance that allows the business to innovate and scale securely.
- Strengthens confidence among clients, regulators, and internal stakeholders by demonstrating a mature and proactive security posture.
Key Responsibilities
- Review, update, and maintain TP ICAP Information Security Policies and Standards in line with Enterprise Risk Management and regulatory requirements.
- Provide guidance on the development, implementation, and communication of Policies and Standards; advise on enhancements or changes.
- Ensure stakeholders understand Policy and Standard requirements and support adoption through granular technology/application-specific controls.
- Coordinate compliance activities for external certifications and audits (e.g., SOC 2, ISO 27001), including audit preparation, reporting, and remediation tracking.
- Provide assurance that key Information Security risks are identified, mitigated, and monitored within the Enterprise Risk Management framework.
- Conduct periodic reviews of Cyber and Information Security risks; prioritize remediation actions based on risk severity.
- Support Enterprise Risk Management activities for the Information Security function, including control attestations, issue/action/event management, and representation in risk committees.
- Assess effectiveness of Information Security controls and track remediation of deficiencies.
- Track, analyze, and report on Key Risk Indicators (KRIs).
- Support the Information Security Committee with inputs and follow-up actions.
- Ensure Information Security projects align with internal standards and are consistently managed and tracked.
- Represent Information Security in Enterprise Risk Management reviews for assets, including inherent risk evaluation, vendor control assessments, and residual risk calculations.
- Execute security-focused risk and gap assessments for IT infrastructure, applications, vendors, and third parties.
- Develop and consult on risk mitigation strategies and coordinate execution globally.
- Provide subject matter expertise on Information Risk to relevant business units.
Experience / Competencies
- Essential
  - Demonstrated experience in Information Security and Risk Management within complex organizations.
  - Ability to make informed decisions and provide consultancy in Information Security and Technology risk domains.
  - Proven capability to collate, analyze, and report on Information Security and Technology Risk themes across diverse environments.
  - Knowledge of key frameworks and standards: ISO 27001, SOC 2, NIST 800-53, CIS Benchmarks, OWASP.
  - Conversant in audit and risk assessment methodologies.
  - Extensive IT and Risk Management background.
  - Excellent communication and writing skills; ability to interact effectively with senior IT and business stakeholders.
  - Proven organizational skills with ability to manage time effectively and work independently.
- Desired
  - Professional certifications such as CISSP, CISA, CRISC, CEH.
  - Experience with GRC platforms and leading governance-related initiatives.
  - Prior experience in financial services or other highly regulated industries.
  - Degree in Computer Science, Information Security, or related field (preferred but not essential).
  - Experience in leading teams or providing oversight on security projects.
Cyber Risk, Standards & Governance Lead in London (employer: TP ICAP)
Contact Detail:
TP ICAP Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Risk, Standards & Governance Lead in London
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the cybersecurity field. Attend industry events, webinars, or even local meetups. The more people you know, the better your chances of landing that Cyber Risk, Standards & Governance Lead role.
✨Tip Number 2
Show off your expertise! When you get the chance to chat with potential employers, don’t hold back on sharing your knowledge about ISO 27001 or SOC 2. Make it clear that you’re not just familiar with these standards, but that you can implement them effectively.
✨Tip Number 3
Prepare for those interviews! Research the company’s current cybersecurity policies and think about how you can contribute to enhancing them. Bring specific examples of how you've tackled similar challenges in the past to show you mean business.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of resources to help you ace your job search. Plus, applying directly shows your enthusiasm and commitment to joining our team in safeguarding the tech ecosystem.
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Cyber Risk, Standards & Governance Lead role. Highlight your experience in Information Security and Risk Management, and show how your skills align with our needs. We want to see how you can contribute to our mission!
Showcase Your Expertise: Don’t hold back on sharing your knowledge of key frameworks like ISO 27001 and SOC 2. We’re looking for someone who can demonstrate their understanding of these standards and how they apply to real-world scenarios. Let us know how you've tackled similar challenges in the past!
Be Clear and Concise: When writing your application, keep it straightforward and to the point. Use clear language to convey your ideas and experiences. We appreciate well-structured applications that make it easy for us to see your qualifications at a glance.
Apply Through Our Website: We encourage you to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at StudySmarter!
How to prepare for a job interview at TP ICAP
✨Know Your Cybersecurity Standards
Familiarise yourself with key frameworks like ISO 27001 and SOC 2. Be ready to discuss how these standards apply to the role and how you’ve implemented them in past experiences. This shows you’re not just knowledgeable but also practical in applying these standards.
✨Demonstrate Your Risk Management Skills
Prepare examples of how you've identified, mitigated, and monitored information security risks in previous roles. Use specific metrics or outcomes to illustrate your impact. This will help the interviewers see your hands-on experience in action.
✨Communicate Effectively
Since this role involves liaising with various teams, practice articulating complex cybersecurity concepts in simple terms. Think about how you would explain a technical issue to a non-technical stakeholder. Clear communication can set you apart from other candidates.
✨Show Your Consultancy Approach
Be prepared to discuss how you’ve acted as a trusted advisor in previous positions. Highlight instances where you’ve provided guidance on policy development or compliance activities. This demonstrates your ability to influence and support stakeholders effectively.