Job Description
“We have people at heart, and business at mind.”
Why Euroclear?
We believe that our people are our strength. The diverse talents that our employees offer are directly linked to our global success. We are committed to crafting an inclusive culture that celebrates diversity and strive to be a Great Place to Work for All.
We are an organization that values people and has a well-established reputation in the global markets. As a trusted provider of post-trade services, Euroclear connects participants from around the world, facilitating the transfer of money and securities. Join us and make a meaningful impact in the financial markets while pursuing your own personal and professional goals.
We are a multinational company with a workforce of over 6000 people, emphasizing high performance and continuous development. By joining our team, you'll have the opportunity to work in a stimulating and diverse environment that promotes personal and professional growth.
Dept/Team: CTO/CISO & Op Resilience
The EUI CISO team provides oversight of the Group CISO office and manages the service it delivers, and EUI’s cyber risk, to ensure that EUI can continue to provide its services to the UK Financial Sector.
The EUI Operational Resilience team is dedicated to ensuring the resilience of EUI, so that we are trusted by our clients and other stakeholders.
General Description
The role entails applying GRC knowledge to manage EUI's cyber risks and support resilience deliverables.
It also involves collaborating with EUI and Euroclear Group teams on Information Security and Operational Resilience objectives.
Job Responsibilities
- Working for the EUI CISO to mature Information Security risk management, including the following areas of responsibility:
  - Improve third-party and supply chain risk management for Information Security, including requirements from customers and vendor due diligence.
  - Manage and develop relevant metrics to measure and track cyber risks, and to monitor supplier compliance with the security control framework.
  - Monitor and assess important metrics for Information Security on a monthly basis.
  - Manage our Information Security policies, standards and procedures, our public-facing security documentation and contribute to our Information Security Strategy.
  - Be a champion for all things Information Security risk across the business and act as local Security Coordinator, with the Group Security Awareness team, for awareness activities.
- Support the delivery of the Operational Resilience framework, including engagement in the following activities:
  - Review of EUI’s Important Business Services and Impact Tolerances.
  - Business Impact Analysis and the mapping of EUI’s Important Business Services.
  - Business Continuity Planning.
  - Delivery of the annual Operational Resilience Testing Plan.
  - Annual threat assessment exercise and maintenance of EUI’s set of Extreme but Plausible Scenarios.
  - Support of the crisis and incident management framework, including facilitating EUI’s Bronze/Silver incident management meetings.
- Support the management of the Information Security and Operational Resilience risk and control environment.
- Support and contribute to the monthly and quarterly Information Security and Operational Resilience reporting requirements.
- Prepare inputs for relevant governance bodies, presenting to the Risk and Operating Committee/Management Committee, and preparing reports for the business.
Work Hours & Benefits
Working patterns will be the standard Monday to Friday arrangement with flexibility for remote working. Occasional travel to Brussels will be required.
This role requires on-call support for incident/crisis management meetings. Additional compensation is paid for those on call.
Skills And Qualifications
- Communication: Good interpersonal and communication skills (written and verbal) to effectively interact with team members, senior management, and external partners.
- Team Collaboration: A collaborative approach that encourages teamwork and cooperation.
- Adaptability: Ability to adapt to changing priorities and thrive in a highly regulated environment.
- Demonstrated experience in governance, risk and compliance, ideally in a regulated sector.
- Familiarity with risk management processes, including risk identification, assessment and mitigation, using control frameworks such as NIST, ISO27001, CIS18.
- Experience of third-party risk management and vendor security due diligence.
- Experience developing and managing policies and procedures.
- Experience of Operational Resilience and Incident/Crisis Management.
- An interest in security and risk in the internet and digital economy.
- A self-starter attitude with a willingness to get involved in areas outside of the immediate role description.
Great Place to Work for All
We believe that our people are our strength. The diverse talents that our employees offer are directly linked to our global success. We are committed to creating an inclusive culture that celebrates diversity and aim to be a Great Place to Work for All.
All qualified applicants will be considered for employment, regardless of their race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, pregnancy, neurodiversity, disability, or any other aspect that makes them unique.
If you need any specific accommodation due to disability or any other reason, you can let the recruiter know during your application process.
For more information, please visit https://www.euroclear.com/careers