The TP ICAP Group is a world leading provider of market infrastructure.
Our purpose is to provide clients with access to global financial and commodities markets, improving price discovery, liquidity, and distribution of data, through responsible and innovative solutions.
Through our people and technology, we connect clients to superior liquidity and data solutions.
The Group is home to a stable of premium brands. Collectively, TP ICAP is the largest interdealer broker in the world by revenue, the number one Energy & Commodities broker in the world, the world’s leading provider of OTC data, and an award winning all-to-all trading platform.
Founded in London in 1866, the Group operates from more than 60 offices in 27 countries. We are 5,200 people strong. We work as one to achieve our vision of being the world’s most trusted, innovative, liquidity and data solutions specialist.
Role Overview
The Cyber Risk, Standards & Governance Analyst plays a critical role in safeguarding the organization’s technology ecosystem by ensuring that robust cybersecurity policies, standards, and governance frameworks are in place and consistently applied. This position is central to embedding effective cyber risk management practices across the enterprise, enabling secure operations while meeting regulatory and compliance obligations.
You will act as a trusted advisor and connector between security, engineering, risk, and audit teams, ensuring that security requirements are practical, actionable, and aligned with business objectives. By maintaining clear and current standards, driving compliance with industry certifications, and providing oversight on risk remediation, you will help the organization reduce exposure to cyber threats and maintain resilience in an evolving risk landscape.
Why this role matters:
Ensures that critical assets, data, and systems remain secure against emerging threats.
Maintains adherence to regulatory requirements and external certifications (ISO 27001, SOC 2), reducing audit findings and reputational risk.
Provides governance and risk assurance that allows the business to innovate and scale securely.
Strengthens confidence among clients, regulators, and internal stakeholders by demonstrating a mature and proactive security posture.
Key Responsibilities
Review, update, and maintain TP ICAP Information Security Policies and Standards in line with Enterprise Risk Management and regulatory requirements.
Provide guidance on the development, implementation, and communication of Policies and Standards; advise on enhancements or changes.
Ensure stakeholders understand Policy and Standard requirements and support adoption through granular technology/application-specific controls.
Coordinate compliance activities for external certifications and audits (e.g., SOC 2, ISO 27001), including audit preparation, reporting, and remediation tracking.
Provide assurance that key Information Security risks are identified, mitigated, and monitored within the Enterprise Risk Management framework.
Conduct periodic reviews of Cyber and Information Security risks; prioritize remediation actions based on risk severity.
Support Enterprise Risk Management activities for the Information Security function, including control attestations, issue/action/event management, and representation in risk committees.
Assess effectiveness of Information Security controls and track remediation of deficiencies.
Track, analyze, and report on Key Risk Indicators (KRIs).
Support the Information Security Committee with inputs and follow-up actions.
Ensure Information Security projects align with internal standards and are consistently managed and tracked.
Represent Information Security in Enterprise Risk Management reviews for assets, including inherent risk evaluation, vendor control assessments, and residual risk calculations.
Execute security-focused risk and gap assessments for IT infrastructure, applications, vendors, and third parties.
Develop and consult on risk mitigation strategies and coordinate execution globally.
Provide subject matter expertise on Information Risk to relevant business units.
Experience / Competencies
Essential
Demonstrated experience in Information Security and Risk Management within complex organizations.
Ability to make informed decisions and provide consultancy in Information Security and Technology risk domains.
Proven capability to collate, analyze, and report on Information Security and Technology Risk themes across diverse environments.
Knowledge of key frameworks and standards: ISO 27001, SOC 2, NIST 800-53, CIS Benchmarks, OWASP.
Conversant in audit and risk assessment methodologies.
Extensive IT and Risk Management background.
Excellent communication and writing skills; ability to interact effectively with senior IT and business stakeholders.
Proven organizational skills with ability to manage time effectively and work independently.
Desired
Professional certifications such as CISSP, CISA, CRISC, CEH.
Experience with GRC platforms and leading governance-related initiatives.
Prior experience in financial services or other highly regulated industries.
Degree in Computer Science, Information Security, or related field (preferred but not essential).
Experience in leading teams or providing oversight on security projects.
Band & Level
Manager / 7
#LI-MID #LI-Hybrid
Not The Perfect Fit?
Concerned that you may not meet the criteria precisely? At TP ICAP, we wholeheartedly believe in fostering inclusivity and cultivating a work environment where everyone can flourish, regardless of your personal or professional background. If you are enthusiastic about this role but find that your experience doesn't align perfectly with every aspect of the job description, we strongly encourage you to apply. You may be the ideal candidate for this position or another opportunity within our organisation. Our dedicated Talent Acquisition team is here to assist you in recognising how your unique skills and abilities can be a valuable contribution. Don't hesitate to take the leap and explore the possibilities. Your potential is what truly matters to us.
Company Statement
We know that the best innovation happens when diverse people with different perspectives and skills work together in an inclusive atmosphere. That's why we're building a culture where everyone plays a part in making people feel welcome, ready and willing to contribute. TP ICAP Accord - our Employee Network - is a central to this. As well as representing specific groups, TP ICAP Accord helps increase awareness, collaboration, shares best practice, and holds our firm to account for driving continuous cultural improvement.
Location
UK - 135 Bishopsgate - London