Cyber Risk, Standards & Governance Lead

The TP ICAP Group is a world leading provider of market infrastructure.Our purpose is to provide clients with access to global financial and commodities markets, improving price discovery, liquidity, and distribution of data, through responsible and innovative solutions.Through our people and technology, we connect clients to superior liquidity and data solutions.The Group is home to a stable of premium brands. Collectively, TP ICAP is the largest interdealer broker in the world by revenue, the number one Energy & Commodities broker in the world, the world’s leading provider of OTC data, and an award winning all-to-all trading platform.Founded in London in 1866, the Group operates from more than 60 offices in 27 countries. We are 5,200 people strong. We work as one to achieve our vision of being the world’s most trusted, innovative, liquidity and data solutions specialist.**Role Overview**The Cyber Risk, Standards & Governance Analyst plays a critical role in safeguarding the organization’s technology ecosystem by ensuring that robust cybersecurity policies, standards, and governance frameworks are in place and consistently applied. This position is central to embedding effective cyber risk management practices across the enterprise, enabling secure operations while meeting regulatory and compliance obligations. You will act as a trusted advisor and connector between security, engineering, risk, and audit teams, ensuring that security requirements are practical, actionable, and aligned with business objectives. By maintaining clear and current standards, driving compliance with industry certifications, and providing oversight on risk remediation, you will help the organization reduce exposure to cyber threats and maintain resilience in an evolving risk landscape. Why this role matters:* Ensures that critical assets, data, and systems remain secure against emerging threats.* Maintains adherence to regulatory requirements and external certifications (ISO 27001, SOC 2), reducing audit findings and reputational risk.* Provides governance and risk assurance that allows the business to innovate and scale securely.* Strengthens confidence among clients, regulators, and internal stakeholders by demonstrating a mature and proactive security posture. **Key Responsibilities*** Review, update, and maintain TP ICAP Information Security Policies and Standards in line with Enterprise Risk Management and regulatory requirements.* Provide guidance on the development, implementation, and communication of Policies and Standards; advise on enhancements or changes.* Ensure stakeholders understand Policy and Standard requirements and support adoption through granular technology/application-specific controls.* Coordinate compliance activities for external certifications and audits (e.g., SOC 2, ISO 27001), including audit preparation, reporting, and remediation tracking.* Provide assurance that key Information Security risks are identified, mitigated, and monitored within the Enterprise Risk Management framework.* Conduct periodic reviews of Cyber and Information Security risks; prioritize remediation actions based on risk severity.* Support Enterprise Risk Management activities for the Information Security function, including control attestations, issue/action/event management, and representation in risk committees.* Assess effectiveness of Information Security controls and track remediation of deficiencies.* Track, analyze, and report on Key Risk Indicators (KRIs).* Support the Information Security Committee with inputs and follow-up actions.* Ensure Information Security projects align with internal standards and are consistently managed and tracked.* Represent Information Security in Enterprise Risk Management reviews for assets, including inherent risk evaluation, vendor control assessments, and residual risk calculations.* Execute security-focused risk and gap assessments for IT infrastructure, applications, vendors, and third parties.* Develop and consult on risk mitigation strategies and coordinate execution globally.* Provide subject matter expertise on Information Risk to relevant business units. **Experience / Competencies**Essential* Demonstrated experience in Information Security and Risk Management within complex organizations.* Ability to make informed decisions and provide consultancy in Information Security and Technology risk domains.* Proven capability to collate, analyze, and report on Information Security and Technology Risk themes across diverse environments.* Knowledge of key frameworks and standards: ISO 27001, SOC 2, NIST 800-53, CIS Benchmarks, OWASP.* Conversant in audit and risk assessment methodologies.* Extensive IT and Risk Management background.* Excellent communication and writing skills; ability to interact effectively with senior IT and business stakeholders.* Proven organizational skills with ability to manage time effectively and work independently. Desired* Professional certifications such as CISSP, CISA, CRISC, CEH.* Experience with GRC platforms and leading governance-related initiatives.* Prior experience in financial services or other highly regulated industries.* Degree in Computer Science, Information Security, or related field (preferred but not essential).* Experience in leading teams or providing oversight on security projects.**Band & Level*** Manager / 7#LI-MID #LI-Hybrid**Company Statement**We know that the best innovation happens when diverse people with different perspectives and skills work together in an inclusive atmosphere. That's why we're building a culture where everyone plays a part in making people feel welcome, ready and willing to contribute. TP ICAP Accord - our Employee Network - is a central to this. As well as representing specific groups, TP ICAP Accord helps increase awareness, collaboration, shares best practice, and holds our firm to account for driving continuous cultural improvement.**Location**UK - 135 Bishopsgate - London**Connecting clients, communities and colleagues for sustainable growth**TP ICAP connects people, platforms, ideas, and insight across the world’s financial, energy and commodities markets. As a global leader in market infrastructure and data-led solutions, we enhance market access, increase efficiencies, and unlock possibilities.**Work with us**Joining TP ICAP puts you at the heart of markets that matter.You’ll have the freedom to innovate and act on your initiative. We’ll train you and build your abilities in your specialist area, so that you can become an expert in your field. And all within a connected network that’s there to set you up for success.TP ICAP Group is a collection of premium brands each with a distinct, client-focused offering. Underpinning and connecting these client-facing brands is the financial security, operational strength and know-how we have as a Group.Connections are at the heart of what we do. We combine our people’s know-how with the latest technology to improve price discovery, trade execution and liquidity flow.Connections create strength. Through them, we help our clients to manage risk, realise investment strategies and expand the scope for growth.And connections act as a catalyst. Sparking richer solutions for our clients to break new ground, modernising markets for future performance, and creating dynamic careers for our people. Our capacity to connect builds trust, supports communities and gives us the power to anticipate and respond to change, whatever direction the world takes. It’s what makes TP ICAP a mainstay in the global markets, now and in the future.TP ICAP. We connect.