Business Technology Risk Partner

Legal & General (L&G) is a leading UK financial services group and major global investor. We’ve been safeguarding people’s financial futures since 1836, and strive to build a better society, while improving the lives of our customers and creating value for shareholders. We are one of the world’s largest asset managers and provide powerful asset origination capabilities. Together, these underpin our retirement and protection solutions: we are an international player in pension risk transfer, in UK and US life insurance, and in UK workplace pensions and retirement income. Our Group Functions provide the services that all areas of the business need. This requires a talented and diverse team behind the scenes, who enable everyone at L&G to do what they do best. Joining us means helping to improve the lives of our customers and contributing to the success of the business every day.

We’re recruiting for a Business Technology Risk Partner to join us. The Business Technology Risk Partner is the first-line lead for technology risk and controls within a dedicated L&G business division. The role embeds risk ownership into delivery and operations, ensures effective use of L&G frameworks, and enables safe, compliant and resilient outcomes. It also provides risk insight, control oversight and acts as the key interface with the Technology Risk and Controls Enablement Function.

What you’ll be doing:

• Partnering with technology and business leadership within the business division to ensure risk is considered in all aspects of technology strategy, investment, delivery and operations, including chairing the Business Technology Risk Committee for the respective business division and acting as a conduit between the division and supporting first, second and third lines to ensure consistency of approach, coordinated risk escalation and effective engagement.
• Contributing as a senior member of the Global Technology Risk and Controls Leadership Team to ensure business division perspectives shape global technology risk strategy and supporting the development, alignment and uplift of technology risk and controls capabilities globally.
• Leading and overseeing business division technology risk identification and assessment activities to ensure emerging risks, material exposures and changes in risk profile are captured and escalated in a timely and accurate manner in accordance with L&G technology policies and standards.
• Overseeing and guiding the design, implementation and operation of key technology controls across the business division, streams and products to ensure control effectiveness and compliance with L&G technology policies and standards, regulatory requirements and audit expectations, driving active ownership of controls.
• Supporting and overseeing business division response and remediation of management-identified technology issues, control failures, technology-related risk events and audit issues to ensure root causes are addressed and sustainable remediation plans are delivered.
• Embedding risk awareness and accountability across business division technology teams to ensure technology risk is effectively owned and risk maturity is continuously improved through coaching, engagement and training.
• Providing SME support on IT and change initiatives with respect to delivering improvements to customer support and experience.
• Managing the team in accordance with the company’s policies and procedures, including the Partnership Agreement, to ensure the team’s business objectives are achieved consistently.

Qualifications:

• Technology risk and governance related qualifications such as CRISC, CGEIT or CISA desirable but not mandatory based on role holder experience.
• Information technology related qualifications such as ITIL desirable but not mandatory based on role holder experience.
• Cyber security related qualifications such as CISM or CISSP desirable but not mandatory based on role holder experience.
• Strong familiarity with technology and security frameworks such as NIST Cyber Security Framework (CSF), COBIT, ISO27001/2 and COSO.
• Strong understanding of regulatory requirements relevant to financial services (e.g. FCA/PRA regulations, UK GDPR, DORA).
• Extensive experience in technology risk, governance or assurance within a complex, regulated environment.
• Significant experience designing or overseeing technology controls implementation, controls automation, risk frameworks, and audit responses.
• Demonstrated ability to translate technology risk and controls to business language to support business stakeholders.
• Experience in working collaboratively with technology and business leaders.

Benefits:

• The opportunity to participate in our annual, performance‑related bonus plan and valuable share schemes.
• Generous pension contribution.
• Life assurance.
• Healthcare Plan (permanent employees only).
• At least 25 days holiday, plus public holidays, 26 days after 2 years’ service. There’s also the option to buy and sell holiday.
• Competitive family leave.
• Participate in our electric car scheme, which offers employees the option to hire a brand‑new electric car through tax‑efficient salary sacrifice (permanent employees only).
• We offer many discounts for our own products and at a range of high street stores and online.
• In 2023, some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your well‑being at the heart.

Additional Information:

At L&G, we believe it's possible to generate positive returns today while helping to build a better future for all. If you join us, you’ll be part of a welcoming, inclusive culture, with opportunities to collaborate with people of diverse backgrounds, views, and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel. We care passionately about outcomes rather than attendance and are therefore open to discussing all kinds of flexible working options including part‑time, term‑time and job shares. Although some roles have limited flexibility due to customer demand, we accommodate requests when we can. It doesn’t matter if you don’t meet every single criterion in this advert. Instead, think about what you excel at and what else you can bring in terms of strengths, potential and connection to our purpose.