Banner Default Image
Back to job search

Principal Security & Regulatory Governance Specialist

  • Location:


  • Sector:

    Governance, Risk & Compliance, Information Security

  • Job type:


  • Job functions:

    Security Risk, Security Compliance, Security

  • Salary:

    £70000 - £80000 per annum + + bonus + package

  • Contact:

    Liam Watson

  • Contact email:

  • Job ref:


  • Published:

    23 days ago

  • Expiry date:


  • Startdate:


Principal Information Security GRC & Regulatory Governance Specialist

HQ in City of London (office commitment c. 1 day per week)

Up to £80,000 + bonus + package

La Fosse are looking for an Information Security GRC & Regulatory Governance Specialist to join an extremely high profile financial services organisation based in London. The business boasts over 20k employees and operates as one of the key financial services institutions in the UK market.

Working in the Cyber GRC function, you will play an important business facing role in setting, driving & implementing regulatory standards within cyber security. Operating in a 1.5 line of defence role, you will be the interface between the regulator and the cyber security function managing key relationships and ensuring appropriate controls & regulatory standards are embedded across cyber security. This is a new role for the business with a broad focus spanning cyber security, operational resilience & regulatory standards. You will have a strategic focus providing key oversight to this domain, building strong relationships internal & externally, and collaborating across multiple teams.

Requirements include:

  • Broad experience across information & cyber security, with an ability to face off to cyber security teams providing advice & guidance on security standards, controls & processes.
  • Breadth of experience spanning operational resilience and regulatory standards is highly desirable - an understanding of how to translate regulatory demands to internal security standards.
  • Good understanding of technology, infrastructure & security standards (not deeply technical, but an ability to converse on these topics).
  • Strong awareness of current regulatory requirements.
  • Confident in stakeholder management, with an ability to challenge & advise where appropriate.