Lead Attestations

Ensuring ongoing compliance to meet customer and regulatory requirements is part of the 'DNA' of our business; we are subject to ongoing assessments by our customers, internal and external auditors.

The Attestation team plays a key part in supporting the business coordinating several control frameworks for our services. These include controls such as: HR, Record Production, Quality Control, BCP, IT and Security and Access where each control is in place to ensure an important process is completed. These controls must operate effectively, not only to ensure that we will achieve SOC 1, SOC 2, ISAE 3000, Swift or OSPAR accreditation and our ISO 27001:2022 and certification without any major non-conformities/observations but also to meet customer commitments.

In addition, to providing accurate information/evidence to support the frameworks that are being attested, the team also delivers detailed responses to clients who have a contractual right to audit our environment ensuring that we meet our contractual obligations.

The role of the Lead Attestations & Certifications Analyst is crucial to ensuring that the in-scope framework for the product is operating its controls effectively. This role is responsible for the co-ordination of the planning and testing of the controls, reviewing the test results, and collaborating with business and technology control owners - making recommendations to close any gaps identified.

Key Responsibilities

• To schedule and perform detailed planning for annual audits
• Support the Attestation and Certification managers with the successful delivery of SOC reports and ISO certifications such as SOC 1/SOC 2/ISAE 3000/ISO27001/ Swift
• To prepare and ensure execution of test programmes ensuring assignments are managed effectively
• To review the work papers and audit reports of internal controls testing activity used to support findings/conclusions and make recommendations for improvement where necessary to the control owners
• Discuss findings / observations with stakeholders
• To follow-up on actions arising from audit assignments as required, and the preparation of status reports
• To conduct awareness sessions with control owners / operators on how to operate controls effectively
• To ensure the audit information repository is maintained and updated in a timely manner for both internal and external controls testing activity
• To contribute to the development of the Controls Framework and process through continuous personal and professional development
• Researching trends and current regulatory rules and changes within the industry with specific focus on SOC 1/SOC 2/ISAE 3000/ISO27001 and Swift
• Communicate findings from SOC and ISO audits and support internal stakeholders to drive successful completion of remediation of findings
• Brief control owners on the purpose and timing of the SOC audits/ISO certifications and resolve any question between control owners and external auditors regarding external audit requests for information
• Monitor status of external audit requests, and due dates for requested information. Resolve delays in the audit evidence collection process and escalate for overdue items. Review collected audit evidence prior submission to ensure completeness
• Prepare weekly updates on the status of each audit. Request and collect weekly updates for all SOC and ISO (internal and external) audits that are in progress across LSEG

Technical/Job functional knowledge

• 4+ years' experience in one of the following: Auditing / Compliance / Risk & Governance / Quality Control / Quality Assurance.
• Working knowledge of assurance standards such as SOC 1 / SOC 2 / ISAE 3000 / Swift / ISO27001 / Trust Service Principles,
• Introduced ISO27001 or similar into an organisation.
• Experience in working independently and with management of teams
• Educated to Bachelor degree level or equivalent
• Strong analytical, written/verbal communication, interpersonal and relationship building skills
• Ability to analyse, compare and interpret facts and figures
• Persistence – able to ask questions, to challenge responses if needed and ask for further detail. Not always to accept the first answer given
• Process and detail oriented
• Demonstrated ability to take initiative and drive projects to completion
• Ability to adapt to change and multi-task in a dynamic environment
• Ability to work independently and in a team environment
• Experience of working in the Technology Risk/Information & Cyber security functions
• Experience of working with customer/clients, delivering key sensitive information whilst still supporting the security needs of our business.
• Experience of interpretating contracts or legal documents to understand their meaning and impact on an organisation.
• Experience of Desktop applications such as MS Office 365 (specifically Teams, Excel, Word, PowerPoint and SharePoint)

Desirable characteristics:

• Experience of Microsoft Power BI for metrics reporting
• Experience of LucidChart for mapping/flow charting
• Industry related certifications such as CISA, CISM, CRISC, CISSP

Join us and be part of a team that values innovation, quality, and continuous improvement. If you're ready to take your career to the next level and make a significant impact, we'd love to hear from you.

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

You will be part of a collaborative and creative culture where we encourage new ideas. We are committed to sustainability across our global business and we are proud to partner with our customers to help them meet their sustainability objectives. Our charity, the LSEG Foundation provides charitable grants to community groups that help people access economic opportunities and build a secure future with financial independence. Colleagues can get involved through fundraising and volunteering.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

Please take a moment to read this

privacy notice

carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it's used for, and how it's obtained,

your rights and how to contact us as a data subject

.

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.