Job information: Functional title - VP, Information Security Risk and Control Department - Chief Controls Office Corporate level - Vice President Report to - Executive Director, Technology Risk and Control Location - London What you will be doing: This is an exciting opportunity for a talented individual to join our newly formed Chief Controls office (CCO), a dedicated first line risk and control function. This role has arisen due to the expansion of responsibilities, offering the successful candidate the opportunity to make an impact and actively contribute to the evolution of this new group. As part of the CCO team, you will play a key role: Improving the oversight of non-financial risks, bringing risk and control subject matter expertise to partner with 1LOD business owners to proactively identify, assess and mitigate risks. Providing cross functional oversight across the first line, driving best practices and consistency in control standards for the effective control of risks to within risk appetite. Driving behaviors to foster a risk-aware and risk intelligent culture where employees recognize their role as risk managers and the importance of the control framework. The role would suit candidates with 2LOD/3LOD experience looking for an opportunity to move into 1LOD, or candidates with 1LOD control/control remediation/validation or Technology experience. The Information Security Risk & Control Vice President is a key member of the CCO team who will work closely with the Information Security department (part of the Technology division) in the control of risks. This includes but is not limited to: Strategic: Develop and implement a consistent, effective and efficient approach to the control of risks. Identify and deliver best practices in control standards across CLS. Lead Technology's engagement with Audit, also key liaison with 2LOD Risk and Compliance. Operational: Support the identification, assessment of risks and controls. Review remediation plans from a risk/control lens to ensure risks are sufficiently addressed, consider design/operating effectiveness, strategic/tactical solutions etc. Monitor and report on corrective actions. Contribute to risk appetite statements and emerging risks. Review KRIs to ensure meaningful metrics for management oversight, review/challenge breaches to understand root causes, consult on lessons learned exercises and work with business owners to develop a 'path to green' where appropriate. Consolidate and report on the results of risk and control activity to internal stakeholders, escalating as required. Leadership: Support adhoc cross-Technology control initiatives where appropriate. Build strong relationships with peers to enable cross functional oversight, and develop and implement best practices. Share knowledge and experience with other members of the team, driving consistency and 'added value'. Establish positive working relationships with senior stakeholders across the business. What we're looking for: Experience of Internal Audit engagement, control remediation and audit validation either from a 1LOD ownership perspective or 2LOD/3LOD validation. Knowledge of Information Security within Financial Services, and ability to demonstrate an understanding of key challenges and risks which must be mitigated and managed to enable successful delivery. Minimum of 5 years or more of experience in one or more of the following: Information Security Risk Management Internal Audit Compliance Knowledge of Financial Services, Financial Markets Utilities or another highly regulated industry sector is essential. Experience of regulatory engagement preferred. Professional qualifications / certifications: Qualifications in any of the following specialisms would be beneficial but not essential: Risk Management Internal Audit Compliance Project Management Information Security process governance
Feb 21, 2025
Full time
Job information: Functional title - VP, Information Security Risk and Control Department - Chief Controls Office Corporate level - Vice President Report to - Executive Director, Technology Risk and Control Location - London What you will be doing: This is an exciting opportunity for a talented individual to join our newly formed Chief Controls office (CCO), a dedicated first line risk and control function. This role has arisen due to the expansion of responsibilities, offering the successful candidate the opportunity to make an impact and actively contribute to the evolution of this new group. As part of the CCO team, you will play a key role: Improving the oversight of non-financial risks, bringing risk and control subject matter expertise to partner with 1LOD business owners to proactively identify, assess and mitigate risks. Providing cross functional oversight across the first line, driving best practices and consistency in control standards for the effective control of risks to within risk appetite. Driving behaviors to foster a risk-aware and risk intelligent culture where employees recognize their role as risk managers and the importance of the control framework. The role would suit candidates with 2LOD/3LOD experience looking for an opportunity to move into 1LOD, or candidates with 1LOD control/control remediation/validation or Technology experience. The Information Security Risk & Control Vice President is a key member of the CCO team who will work closely with the Information Security department (part of the Technology division) in the control of risks. This includes but is not limited to: Strategic: Develop and implement a consistent, effective and efficient approach to the control of risks. Identify and deliver best practices in control standards across CLS. Lead Technology's engagement with Audit, also key liaison with 2LOD Risk and Compliance. Operational: Support the identification, assessment of risks and controls. Review remediation plans from a risk/control lens to ensure risks are sufficiently addressed, consider design/operating effectiveness, strategic/tactical solutions etc. Monitor and report on corrective actions. Contribute to risk appetite statements and emerging risks. Review KRIs to ensure meaningful metrics for management oversight, review/challenge breaches to understand root causes, consult on lessons learned exercises and work with business owners to develop a 'path to green' where appropriate. Consolidate and report on the results of risk and control activity to internal stakeholders, escalating as required. Leadership: Support adhoc cross-Technology control initiatives where appropriate. Build strong relationships with peers to enable cross functional oversight, and develop and implement best practices. Share knowledge and experience with other members of the team, driving consistency and 'added value'. Establish positive working relationships with senior stakeholders across the business. What we're looking for: Experience of Internal Audit engagement, control remediation and audit validation either from a 1LOD ownership perspective or 2LOD/3LOD validation. Knowledge of Information Security within Financial Services, and ability to demonstrate an understanding of key challenges and risks which must be mitigated and managed to enable successful delivery. Minimum of 5 years or more of experience in one or more of the following: Information Security Risk Management Internal Audit Compliance Knowledge of Financial Services, Financial Markets Utilities or another highly regulated industry sector is essential. Experience of regulatory engagement preferred. Professional qualifications / certifications: Qualifications in any of the following specialisms would be beneficial but not essential: Risk Management Internal Audit Compliance Project Management Information Security process governance
Job information: Functional title - Director, Information Cyber Security (SOC) Department - IT Security Corporate level - Director Report to - Executive Director, Information Cyber Security Location - London, Canary Wharf. Onsite 2 days per week. What you will be doing: The regional lead for our Cybersecurity Operations team will lead, develop, and align the UK security operations team in line with the global SecOps function, evolving cyber threat landscape, and the risks posed to delivering our FX settlement services to the market. Lead the Firm's Cyber Incident Response capabilities and guide the development/ enhancement of all applicable cybersecurity controls during hours where region has primacy. Lead the Firm's Information Security Incident Response program when region has primacy and contribute to the development/ enhancement of applicable data loss prevention (DLP) and User and Entity Behavior Analytic (UEBA) rules and policies. Accountable for the Firm's Purple Team program integrating offensive cyber activities with cyber control enhancements to improve our overall security posture. Support the organization's Vulnerability Management program, ensuring vulnerabilities are managed within standards to improve our cyber resilience posture. Responsible for training and certification of CLS Security Operations personnel and supporting consultants. Provide regional oversight and leadership to activities that enable a 24/7 follow the sun operations model. Leadership: Leads by Example: Demonstrates the technical and professional skills expected across the global team through personal action. Accountable and effective communicator: Clearly takes charge of the duties outlined above and communicates well with stakeholders so teams can operate in unison where required. Innovator and Change Agent: Always striving to find ways to automate existing processes, streamline and simplify complexity, and incorporate new ideas and capabilities to enhance our security posture and make the team stronger and better. Decisive: provides clear direction during cyber incident response to the Security Operations team and all associated stakeholders. Identify risks: Able to synthesize capability gaps and articulate them so the Firm can manage risk in alignment with its risk management strategy. Manages ambiguity: operating effectively and decisively, even when things are not certain, or the way forward is unclear. Collaborates: building partnerships and working collaboratively with others to meet shared objectives. Influence: proven success navigating and operating effectively in a matrix organization. Customer focus: building strong partnerships and delivering customer-centric solutions. Committed to professional development with a personal appetite to grow and contribute further to the organization over time. What we're looking for: Bachelor's degree in Cybersecurity, Information Technology, intelligence or a related field (Master's degree preferred) 8+ years' experience in cybersecurity / SOC positions, ideally within other entities within the CLS ecosystem of financial institutions, central banks, regulators and other FMIs. 4+ years in cybersecurity/ SOC leadership positions. Comprehensive hands-on experience with SIEM/ SOAR platforms, cloud security principles, endpoint security tools, malware analysis and digital forensics and incident response. CISSP, CISM, GIAC, or CEH are highly desirable. A proven technologist with strong technical and cyber understanding, appreciation of modern systems architecture and associated security requirements. Detailed understanding of managing and providing oversight of critical vendors and the services they deliver. Exemplary reputation as a respected and trusted executive leader in cybersecurity.
Feb 08, 2025
Full time
Job information: Functional title - Director, Information Cyber Security (SOC) Department - IT Security Corporate level - Director Report to - Executive Director, Information Cyber Security Location - London, Canary Wharf. Onsite 2 days per week. What you will be doing: The regional lead for our Cybersecurity Operations team will lead, develop, and align the UK security operations team in line with the global SecOps function, evolving cyber threat landscape, and the risks posed to delivering our FX settlement services to the market. Lead the Firm's Cyber Incident Response capabilities and guide the development/ enhancement of all applicable cybersecurity controls during hours where region has primacy. Lead the Firm's Information Security Incident Response program when region has primacy and contribute to the development/ enhancement of applicable data loss prevention (DLP) and User and Entity Behavior Analytic (UEBA) rules and policies. Accountable for the Firm's Purple Team program integrating offensive cyber activities with cyber control enhancements to improve our overall security posture. Support the organization's Vulnerability Management program, ensuring vulnerabilities are managed within standards to improve our cyber resilience posture. Responsible for training and certification of CLS Security Operations personnel and supporting consultants. Provide regional oversight and leadership to activities that enable a 24/7 follow the sun operations model. Leadership: Leads by Example: Demonstrates the technical and professional skills expected across the global team through personal action. Accountable and effective communicator: Clearly takes charge of the duties outlined above and communicates well with stakeholders so teams can operate in unison where required. Innovator and Change Agent: Always striving to find ways to automate existing processes, streamline and simplify complexity, and incorporate new ideas and capabilities to enhance our security posture and make the team stronger and better. Decisive: provides clear direction during cyber incident response to the Security Operations team and all associated stakeholders. Identify risks: Able to synthesize capability gaps and articulate them so the Firm can manage risk in alignment with its risk management strategy. Manages ambiguity: operating effectively and decisively, even when things are not certain, or the way forward is unclear. Collaborates: building partnerships and working collaboratively with others to meet shared objectives. Influence: proven success navigating and operating effectively in a matrix organization. Customer focus: building strong partnerships and delivering customer-centric solutions. Committed to professional development with a personal appetite to grow and contribute further to the organization over time. What we're looking for: Bachelor's degree in Cybersecurity, Information Technology, intelligence or a related field (Master's degree preferred) 8+ years' experience in cybersecurity / SOC positions, ideally within other entities within the CLS ecosystem of financial institutions, central banks, regulators and other FMIs. 4+ years in cybersecurity/ SOC leadership positions. Comprehensive hands-on experience with SIEM/ SOAR platforms, cloud security principles, endpoint security tools, malware analysis and digital forensics and incident response. CISSP, CISM, GIAC, or CEH are highly desirable. A proven technologist with strong technical and cyber understanding, appreciation of modern systems architecture and associated security requirements. Detailed understanding of managing and providing oversight of critical vendors and the services they deliver. Exemplary reputation as a respected and trusted executive leader in cybersecurity.
Job information: Functional title - Product Manager Department - Product Corporate level - Assistant Vice President Report to - Director, Product Location - London What you will be doing: Our product team is instrumental in driving CLS's strategic growth, leading the continuous improvement and evolution of CLS's product portfolio. Working closely with senior product managers, you will play a key role throughout the entire product lifecycle, from product discovery and design to delivery and ongoing management, providing essential support and actively contributing to various product initiatives. Key Responsibilities: Define and execute product strategy and roadmap. Product discovery, validation of new concepts and ideas. Identify gaps/pain points and translate into actionable opportunities for product enhancement. Day-to-day ownership and management of designated products. Serve as subject matter expert for assigned products, demonstrating deep understanding of functionality, workflows, messaging, use cases and value proposition. Demonstrate the product to potential customers and provide training to new users. Gather and prioritize client feedback to inform product enhancements. Collaborate with cross-functional teams to ensure successful delivery and roll-out of product enhancements. Analyse data and generate actionable insights for reporting and driving decision making. Be hands-on and delve into functional and technical details when necessary. Build and maintain strong relationships with clients and business partners. What we're looking for: We are seeking a highly motivated product manager who can demonstrate strong product sense, analytical thinking, problem-solving and communication skills. You will be a great fit if you are a self-starter who thrives in a collaborative environment, excels at problem-solving and communicates effectively with both technical and business stakeholders. Knowledge, skills and abilities: Creative mindset with strong product sense and design sensibility. Knowledge of FX and capital markets, products and operational processes through front to back office. Strong understanding of development processes, methodologies and tools. Data analysis and visualization skills, with ability to transform data into actionable insights. Ability to clearly articulate business logic and requirements to technical partners. Strong analytical capabilities, problem-solving and sound judgment. Excellent written and verbal communication skills with attention to detail, maintaining high standards for all deliverables. Professional qualifications / certifications: Relevant work experience preferably in financial services. Bachelor's degree in technology/finance/business or related field of study. Track record of working in multi-disciplinary teams.
Feb 08, 2025
Full time
Job information: Functional title - Product Manager Department - Product Corporate level - Assistant Vice President Report to - Director, Product Location - London What you will be doing: Our product team is instrumental in driving CLS's strategic growth, leading the continuous improvement and evolution of CLS's product portfolio. Working closely with senior product managers, you will play a key role throughout the entire product lifecycle, from product discovery and design to delivery and ongoing management, providing essential support and actively contributing to various product initiatives. Key Responsibilities: Define and execute product strategy and roadmap. Product discovery, validation of new concepts and ideas. Identify gaps/pain points and translate into actionable opportunities for product enhancement. Day-to-day ownership and management of designated products. Serve as subject matter expert for assigned products, demonstrating deep understanding of functionality, workflows, messaging, use cases and value proposition. Demonstrate the product to potential customers and provide training to new users. Gather and prioritize client feedback to inform product enhancements. Collaborate with cross-functional teams to ensure successful delivery and roll-out of product enhancements. Analyse data and generate actionable insights for reporting and driving decision making. Be hands-on and delve into functional and technical details when necessary. Build and maintain strong relationships with clients and business partners. What we're looking for: We are seeking a highly motivated product manager who can demonstrate strong product sense, analytical thinking, problem-solving and communication skills. You will be a great fit if you are a self-starter who thrives in a collaborative environment, excels at problem-solving and communicates effectively with both technical and business stakeholders. Knowledge, skills and abilities: Creative mindset with strong product sense and design sensibility. Knowledge of FX and capital markets, products and operational processes through front to back office. Strong understanding of development processes, methodologies and tools. Data analysis and visualization skills, with ability to transform data into actionable insights. Ability to clearly articulate business logic and requirements to technical partners. Strong analytical capabilities, problem-solving and sound judgment. Excellent written and verbal communication skills with attention to detail, maintaining high standards for all deliverables. Professional qualifications / certifications: Relevant work experience preferably in financial services. Bachelor's degree in technology/finance/business or related field of study. Track record of working in multi-disciplinary teams.
Job Overview: The Infrastructure Architect plays a key role in CLS, possessing broad knowledge in Data Centre, Cloud Infrastructure & Platforms, with a focus on capability enhancements and continuous improvement. This role involves collaborating with cross-functional teams to understand business requirements, providing technical leadership, and ensuring the design meets CLS architectural principles and security standards. Key Responsibilities: Author High Level Solution Design, Solutions Overview and Conceptual Architectures. Design and architect solutions based on technical and business requirements. Develop and document architecture blueprints and best practices. Act as a lead Architecture on projects. Contribute to the development & management of Infrastructure Strategy. Contribute to the continuous improvement of Architecture within CLS. Contribute to product roadmaps & reference architectures. Key Competencies: Experience in Architecture. Strong experience in Cloud platforms, Data Centre, and hosting technologies. Ability to communicate solutions to other stakeholders. Broad knowledge of Networks & Security. Good knowledge of Risk management. Work closely with other architecture disciplines including Enterprise, Application, and Security, as well as Engineering and Operations. Provide technical guidance to team members and stakeholders. Identify & recommend opportunities for efficiency. Stay updated on new features and capabilities & best practices. Ability to deal with ambiguity and manage diversity. Share knowledge with the team and contribute to the organization's learning culture. Qualifications: Proven experience Architecting Infrastructure solutions. Industry recognized certifications (such as Togaf, AWS Certified Solutions Architect) in conjunction with application in previous roles are highly desirable. Strong understanding of infrastructure concepts, principles, and best practices. Excellent communication and interpersonal skills. Preferred Skills: Experience in IaC (nice to have). Knowledge of Compute virtualization and hypervisors. Knowledge of Operating systems (Windows and Linux) & Database Technologies. Knowledge of networking design and principles in both public cloud and traditional data center. Knowledge of hybrid cloud architectures. Ability to assess and recommend third-party tools and services to complement AWS offerings. Knowledge of 3rd party storage and firewall desired. Stakeholder management. Knowledge of cloud security.
Feb 03, 2025
Full time
Job Overview: The Infrastructure Architect plays a key role in CLS, possessing broad knowledge in Data Centre, Cloud Infrastructure & Platforms, with a focus on capability enhancements and continuous improvement. This role involves collaborating with cross-functional teams to understand business requirements, providing technical leadership, and ensuring the design meets CLS architectural principles and security standards. Key Responsibilities: Author High Level Solution Design, Solutions Overview and Conceptual Architectures. Design and architect solutions based on technical and business requirements. Develop and document architecture blueprints and best practices. Act as a lead Architecture on projects. Contribute to the development & management of Infrastructure Strategy. Contribute to the continuous improvement of Architecture within CLS. Contribute to product roadmaps & reference architectures. Key Competencies: Experience in Architecture. Strong experience in Cloud platforms, Data Centre, and hosting technologies. Ability to communicate solutions to other stakeholders. Broad knowledge of Networks & Security. Good knowledge of Risk management. Work closely with other architecture disciplines including Enterprise, Application, and Security, as well as Engineering and Operations. Provide technical guidance to team members and stakeholders. Identify & recommend opportunities for efficiency. Stay updated on new features and capabilities & best practices. Ability to deal with ambiguity and manage diversity. Share knowledge with the team and contribute to the organization's learning culture. Qualifications: Proven experience Architecting Infrastructure solutions. Industry recognized certifications (such as Togaf, AWS Certified Solutions Architect) in conjunction with application in previous roles are highly desirable. Strong understanding of infrastructure concepts, principles, and best practices. Excellent communication and interpersonal skills. Preferred Skills: Experience in IaC (nice to have). Knowledge of Compute virtualization and hypervisors. Knowledge of Operating systems (Windows and Linux) & Database Technologies. Knowledge of networking design and principles in both public cloud and traditional data center. Knowledge of hybrid cloud architectures. Ability to assess and recommend third-party tools and services to complement AWS offerings. Knowledge of 3rd party storage and firewall desired. Stakeholder management. Knowledge of cloud security.
Job Purpose The Architecture practice establishes and maintains the architectural framework to support the technology strategy within which IT solutions can be delivered. As a Technical Architect, your primary role is to ensure the seamless customization and integration of 3rd party provided business applications into the existing CLS environment. Key responsibilities include: Act as a lead architect on projects producing High Level Design documentation describing the overall technical design and demonstrating compliance to specific functional and non-functional requirements as well as alignment to technology standards, principles, and policies. Through collaboration with the business, vendors, and technology delivery teams provide ongoing Architectural review and management of 3rd party products and services to maintain a technology roadmap and strategic architecture. Provide feasibility & impact assessments of IT solutions to business and IT led initiatives. Knowledge, Skills, and Abilities Expert in leading the design and integration of applications and business services with experience of working in an Architecture design role. Experience with one or more of the following applications: SWIFT AMH, SAA, SAG, SNL, TDA, NetReveal Sanction Screening, Finastra PayPlus, Finastra SICIgt & TMPlus. Experience with several of the following technologies: SWIFT FIN and ISO20022 messaging, IBM MQ, IBM Db2, Oracle Database, Red Hat Linux, Windows Server. Experience of post-trade Foreign Exchange and Market Infrastructure Payment systems including SWIFT messaging and Central Bank RTGS connectivity desirable. Qualifications / Certifications Bachelor's degree in Business, Finance, Computer Science or related field, or equivalent experience. AWS Certified Solutions Architect at the Associate Level or equivalent Cloud-related solution architecture qualification. Solution Architect qualification or certification in Architecture methodology or technology solutions such as TOGAF. Success factors / 'How'. Personal characteristics contributing to an individual's ability to excel in the position Demonstrate and promote a risk culture appropriate for a critical market infrastructure. Strong interpersonal and influencing skills with excellent stakeholder management capabilities. Strong presentation skills, both written and verbal. Proactive self-starter with the ability to learn quickly and work independently, adept at managing multiple projects simultaneously. Strong analytical and problem-solving skills with an attention to detail.
Feb 02, 2025
Full time
Job Purpose The Architecture practice establishes and maintains the architectural framework to support the technology strategy within which IT solutions can be delivered. As a Technical Architect, your primary role is to ensure the seamless customization and integration of 3rd party provided business applications into the existing CLS environment. Key responsibilities include: Act as a lead architect on projects producing High Level Design documentation describing the overall technical design and demonstrating compliance to specific functional and non-functional requirements as well as alignment to technology standards, principles, and policies. Through collaboration with the business, vendors, and technology delivery teams provide ongoing Architectural review and management of 3rd party products and services to maintain a technology roadmap and strategic architecture. Provide feasibility & impact assessments of IT solutions to business and IT led initiatives. Knowledge, Skills, and Abilities Expert in leading the design and integration of applications and business services with experience of working in an Architecture design role. Experience with one or more of the following applications: SWIFT AMH, SAA, SAG, SNL, TDA, NetReveal Sanction Screening, Finastra PayPlus, Finastra SICIgt & TMPlus. Experience with several of the following technologies: SWIFT FIN and ISO20022 messaging, IBM MQ, IBM Db2, Oracle Database, Red Hat Linux, Windows Server. Experience of post-trade Foreign Exchange and Market Infrastructure Payment systems including SWIFT messaging and Central Bank RTGS connectivity desirable. Qualifications / Certifications Bachelor's degree in Business, Finance, Computer Science or related field, or equivalent experience. AWS Certified Solutions Architect at the Associate Level or equivalent Cloud-related solution architecture qualification. Solution Architect qualification or certification in Architecture methodology or technology solutions such as TOGAF. Success factors / 'How'. Personal characteristics contributing to an individual's ability to excel in the position Demonstrate and promote a risk culture appropriate for a critical market infrastructure. Strong interpersonal and influencing skills with excellent stakeholder management capabilities. Strong presentation skills, both written and verbal. Proactive self-starter with the ability to learn quickly and work independently, adept at managing multiple projects simultaneously. Strong analytical and problem-solving skills with an attention to detail.