Cyber Security Third Party Risk Senior Analyst

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

Role Summary

Key relationships & committees

• Working closely with the key stakeholders in Third Party Risk Management, Security Architecture and Governance teams to ensure adequate controls are adhered to when onboarding new vendors.
• Working with the First- and Second-line Risk teams to develop and maintain risk profiles for key LSEG third parties
• Working with Application Owners and their teams to ensure the results of Application Health assessments are understood and be acted upon.

Location - Bengaluru - India

Key responsibilities

Cyber Third-Party Risk Management

• Responsible for conducting timely security impact assessments of third-party suppliers recording results accurately and initiating appropriate assurance response.
• To produce high quality, informative and accurate reports in respect of third-party assurance assessments.
• Provide advice and guidance to internal and external stakeholders on Cyber Security Minimum Requirements.
• Ensure assurance portfolio of third-party suppliers remains updated, manage vendor cyber administrative schedules and communications.

Application Health Assessments

• Initiate the Application Health assessments for in-scope Applications
• Work collaboratively with Application Owners on the results of their Application Health assessments, guiding Application Owners through the process, support the reporting of results and signposting potential remediation activity.

General Role Responsibilities

• Provide advice to Cyber Security Third Party Risk advice based on the vendor services to business stakeholders
• Participate in and contribute to internal Cyber Security forums and bodies. Assist in the improvement of risk management and Cyber Security controls within the Group.
• Ensure all activity is compliant with NIST, GDPR and other
• Contribute to the collection, reporting and management of Key Risk Indicators (KRI’s) and Management Information (MI’s).

Leadership responsibilities

This is an Individual Contributor role, reporting to the Senior Manager leading the function. The role is part of a global Team and is seen by management as a trusted partner in a 'high support and high challenge' relationship.

Critical deliverables

Cyber Third-Party Risk Management

• Ongoing third-party security assessments
• Management of third-party schedules and administrative tasks in partnership with key stakeholder groups
• Third party security risk reporting and metrics
• Working with Group Third Party Risk Management to align assessments, schedules and best practice activities for cyber security

Application Health Assessments

• Prioritised Application Health assessments outcomes – with signposting and advice to triage, sequence, report and remediate issues.Development of feedback on thematic areas resulting from Application Health assessments – to be taken forward by Cyber and Engineering leadership.

Diversity & Inclusion

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject.

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.