Security Risk Specialist
G-Research is Europe’s leading quantitative finance research firm. We hire the brightest minds in the world to tackle some of the biggest questions in finance. We pair this expertise with machine learning, big data, and some of the most advanced technology available to predict movements in financial markets.
We are looking for a Security Risk Specialist to join G-Research. You will bean integral member of the team responsible for developing and embedding the Security Risk Management framework throughout the organisation. At G-Research, Security Risk Management forms part of the Enterprise Risk Management function.
Reporting to the Security Risk Lead, this role will be responsible for:
- Providing Information Security Risk subject matter expertise
- Assisting in the establishment and formalisation of the Security Risk Management framework, including all associated processes and documentation
- Ensuring effective communication and awareness activities are delivered to business stakeholders to support the established framework
- Providing ongoing oversight and delivery of the established framework, including leading regular risk and control assessments and supporting the 1LoD with identified mitigation deliveries
- Providing clear security risk guidance on the organisation’s security mandate
- Independently assessing key system change or overarching business change against the established security risk profile
- Building and maintaining a broad understanding of the organisation’s technologies, processes, information flows, people and the security threats and vulnerabilities to them in order to mature the established security risk profile
- Proactively engaging the 1LoD in risk governance forums to challenge and advance the maturity of security risk across the organisation
- Building a good working relationship with risk and control owners across the organisation, ensuring they are clear of their responsibilities and accountabilities
- Assisting with the application upgrade of the current GRC tool to ensure that defined processes, key risks, and assessments are accurately reflected in the new system
- Ensuring that the quality of data held within the GRC tool is maintained to a high standard to accurately reflect the risk profile and enable well-informed decision-making across the organisation
- Providing training for key stakeholders within the 1LoD ensuring they are well versed in the use of the GRC tool
- Issuing security risk profile reporting independently to the Board
Who are we looking for?
The Security Risk Management team are looking for an experienced individual with a balanced knowledge of security and risk.
The ideal candidate will have:
- At least five years’ experience in a security risk management role in a FinTech, hedge fund, or technology company
- Knowledge and proficiency in Information Security frameworks such as ISO 27000 or NIST
- Knowledge of quantitative and qualitative methodologies for calculating security risk
- The ability to think outside of the box and identify suitable approaches without being constrained by standard ways of working
- Excellent verbal and written communication skills to report and present across a range of organisational layers
- Enthusiasm and drive to learn and develop new skills and knowledge
- Clear and detailed knowledge of working with the 3LoD operating model
- 2:1 degree or above
Why should you apply?
- Highly competitive compensation plus annual discretionary bonus
- Informal dress code and work/life balance
- Comprehensive healthcare and life assurance
- 25 days holiday
- 9% company pension contributions
- Cycle-to-work scheme
- Subsidised gym membership
- Monthly company events