Head of Operational Risk Regulatory Reporting Solutions - London Stock Exchange Group

We are seeking an experienced and self‐motivated Head of Operational Risk & Resilience. The candidate will be responsible for overseeing the operational risk framework and resilience strategy for the Regulatory Reporting Solutions business. Leading a team of risk and resilience professionals, the role partners closely with technology, compliance, and business colleagues to deliver a resilient and well‐managed function. The role blends oversight with active delivery, personally leading key risk assessments, scenario testing, resilience activities, deep dives, and regulatory compliance while also building and managing the frameworks, governance, and team capability needed to ensure a strong and sustainable risk environment.

Key Responsibilities

• Operational Risk Management
  • Lead the development, implementation, and continuous enhancement of the Operational Risk Framework across Regulatory Reporting Solutions.
  • Lead all aspects of control design, effectiveness testing, and issue remediation, ensuring risks are handled within appetite.
  • Ongoing monitoring and mitigation of operational risks, including processes related to risk & control assessments (RCAs), incident root‐cause analysis, and risk event assessments.
  • Drive thematic deep‐dive reviews into high‐risk areas, ensuring findings are actionable and improvements embedded.
  • Ensure timely escalation of material control weaknesses, breaches, and emerging risks.
• Business Control Officer Accountability
  • Act as the Business Control Officer for Regulatory Reporting Solutions, accountable for the design, effectiveness, and continuous improvement of first‐line controls across the business.
  • Provide senior management with independent, informed challenge within the first line, ensuring risks are owned, controls are effective, and issues are addressed at pace.
  • Serve as a key point of accountability for risk appetite adherence, control attestation, and management assurance.
• Regulatory Compliance and Operational Resilience
  • Act as the first‐line accountable owner for Operational Resilience requirements across Regulatory Reporting Solutions, inclusive of ongoing DORA compliance.
  • Build and coordinate DORA‐aligned capabilities including ICT risk management, incident classification and reporting, ICT third‐party risk oversight and digital resilience testing.
  • Partner with technology, compliance, and legal teams to ensure end‐to‐end adherence to Operational Resilience requirements and audit readiness.
  • Ensure business‐owned evidence, controls, and documentation are maintained to support regulatory reviews, audits, and supervisory engagement.
  • Ensure identification and mapping of Important Business Services (IBS), including end‐to‐end process, technology, data, and third‐party dependencies.
  • Oversee resilience assessments, control design reviews, severe but plausible scenario testing, and remediation planning.
  • Lead annual self‐assessments, ensuring governance, oversight, and evidence trails are robust and audit‐ready.
  • Own remediation plans arising from regulatory findings, audits, and internal assurance activity, tracking delivery to closure.
• Business Continuity & Crisis Management Resilience
  • Provide formal management assurance on the adequacy of business continuity, crisis management, and recovery capabilities.
  • Own and maintain the business's continuity strategy, plans, and testing programme, ensuring alignment with regulatory expectations and best practice.
  • Lead scenario and stress testing exercises covering cyber, technology outages, facilities loss, regulatory submission failures, and data integrity events.
  • Ensure recovery capabilities are fit for purpose and embedded across teams, including documentation, escalation protocols, and crisis response roles.
  • Ensure lessons learned from incidents and testing are embedded into control improvements and operating procedures.
• Governance & Leadership
  • Act as the primary risk and control advisor to Regulatory Reporting Leadership Team, supporting informed decision‐making, contributing to strategic planning, risk culture, and organisational priorities.
  • Provide clear direction, challenge, and advice to senior stakeholders on risk and resilience matters.
  • Own business responses to second‐ and third‐line challenge, ensuring issues are addressed constructively and sustainably.
  • Chair or support governance forums such as operational risk committees, resilience steering groups, and change risk assessments.
• Team Leadership
  • Lead and develop a team of operational risk professionals, fostering a culture of empowerment, accountability, and proactive risk management.
  • Ensure capability‐building through coaching, training, and talent development.

Skills & Experience

• Experience operating as a Business Control Officer or senior first‐line risk leader within financial services.
• Strong understanding of Regulatory Reporting processes, regulatory expectations, and data‐quality risks.
• Deep knowledge of DORA, business continuity frameworks, ICT risk management, and operational resilience principles.
• Experience running scenario testing, major incident management, and thematic risk reviews.
• Ability to influence and challenge senior colleagues in a fast‐paced, high‐stakes regulatory environment.
• Demonstrated leadership capability, with experience leading high‐performing teams.

Personal Attributes

• Strategic problem solver with the ability to translate risk insights into practical, business‐oriented solutions.
• Strong communicator with excellent stakeholder engagement skills.
• Highly organised, calm under pressure, and skilled at navigating complex issues.
• Collaborative, resilient, and able to inspire change across multidisciplinary teams.

Career Stage

Director

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.