Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology and data driven group implementing a scientific approach to investing. Combining data, research, technology and trading expertise has shaped QRT's collaborative mindset which enables us to solve the most complex challenges. QRT's culture of innovation continuously drives our ambition to deliver high quality returns for our investors.
Your future role within QRT

As the GRC Lead at Qube Research & Technologies (QRT), you will take a strategic and leadership role in overseeing our governance, risk, and compliance (GRC) policies and processes. You will be instrumental in shaping and driving our security and risk programs to align with internal business objectives and regulatory requirements. This senior position requires extensive knowledge of GRC frameworks, regulatory compliance obligations, exceptional leadership and communication skills, and a proactive approach to risk management.

Responsibilities

Security Governance: Lead the development, implementation and maintenance of policies and procedures in alignment with industry best practices and regulatory requirements. Lead and oversee policy governance by regularly reviewing and updating policies to reflect changes in the business environment and evolving compliance standards. Continuously assess and enhance the effectiveness of GRC processes and controls.

Strategic Risk Management: Design, implement, and lead a comprehensive risk management program. Integrate risk management practices into business operations, ensuring compliance and operational resilience. Develop long-term risk mitigation strategies and collaborate with senior management and cross-functional teams to implement effective risk controls. Oversee the monitoring of risk mitigation measures and regularly report their effectiveness to executive leadership.

Security Compliance: Lead and manage compliance engagements with external parties, including auditors, regulators, and certification bodies. Coordinate and oversee the preparation of documentation, evidence, and reports required for compliance audits and assessments. Advise executive management on compliance strategies and implications of new regulations. Develop strategies to adapt to new regulations and compliance requirements. Manage third-party risk assessments, ensuring vendor compliance with organisational standards. Implement a comprehensive resilience testing framework within the GRC program, encompassing vulnerability assessments, penetration tests, and continuous monitoring of critical systems. Foster continuous improvement in GRC processes, balancing business needs with compliance requirements.

Security Culture & Awareness: Design, lead, and continuously enhance a comprehensive security awareness program across the organisation. Lead initiatives that build a culture of accountability and responsibility for security practices at all levels of the organisation. Monitor the effectiveness of security awareness initiatives through metrics, surveys, and behaviour analytics.

Performance & Reporting: Create and provide clear, actionable security material (reports, meeting decks) customised for executives, technical teams, and non-technical staff. Create data-driven reports on security performance and risks to leadership. Review processes and controls, using audit and incident findings to drive improvements.

Industry Insight: Stay abreast of, and maintain an expert understanding of, emerging trends, technologies, regulations, and best practices in GRC.

Your present skillset

Educational Background: Bachelor's degree in Business, Law, Information Security, Risk Management, or a related field; a Master's degree or MBA is highly preferred.

Professional Experience: Minimum of 10+ years of experience in governance, risk management, and compliance roles, with at least 5 years in a leadership or managerial position.

Certifications: Relevant certifications such as CISA, CRISC, CISSP, or equivalent are highly preferred.

Expertise in Frameworks: Deep understanding of risk and compliance frameworks such as ISO 27000 series, NIST, DORA or similar.

Leadership Skills: Proven ability to lead and develop teams, manage complex projects, and influence senior stakeholders.

Strategic Thinker: Demonstrated experience in developing and executing GRC strategies that align with business objectives.

Communication Skills: Exceptional communication and interpersonal skills, with the ability to effectively convey complex concepts to diverse audiences.

Analytical Skills: Strong analytical and problem-solving abilities with a proactive approach to identifying and addressing risks.

Project Management: Excellent project management skills with a track record of delivering initiatives on time and within scope.

Strong knowledge of data privacy laws and their application within security programs.

QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees to achieve a healthy work-life balance.