At a Glance
- Tasks: Lead technology risk and operational resilience across financial services, ensuring compliance and robust controls.
- Company: Join a leading financial services firm focused on innovation and risk management.
- Benefits: Competitive salary, leadership opportunities, and a dynamic work environment.
- Other info: Opportunity to lead a high-performing team and drive cultural change.
- Why this job: Make a significant impact in technology risk while shaping the future of financial services.
- Qualifications: Senior leadership experience in technology risk and strong regulatory engagement skills.
The predicted salary is between 60000 - 75000 £ per year.
Leads the Technology Risk & Operational Resilience capability across DSM, FX, and Risk Intelligence, accountable for the first-line risk and control environment, ensuring it operates within defined risk appetite and meets regulatory expectations. Drives risk-informed engineering delivery, embedding robust controls, resilience practices, and data-led assurance across platforms. Reports to Head of Business Management, Markets & Risk Intelligence Engineering.
Core Accountabilities
- Risk & Control Ownership
- Own the first-line technology risk profile, ensuring alignment to divisional risk appetite.
- Own the technology control framework and library (applications, infrastructure, cloud, cyber).
- Define control standards, testing approaches, and assurance mechanisms.
- Drive remediation of control gaps, including systemic risk issues.
- Operational Resilience
- Own first-line implementation of operational resilience frameworks, including: Important business services (IBS), Impact tolerances, Scenario testing and resilience validation.
- Ensure resilience is embedded into architecture, engineering and change processes.
- Partner with 2LOD to ensure alignment with regulatory expectations (e.g. DORA, UK OpRes).
- Risk Governance & Decisioning
- Lead 1LoD technology risk governance forums.
- Provide independent first-line challenge to engineering, architecture, and product teams.
- Escalate and drive resolution of material risk decisions and breaches (i.e. major incidents, material audit findings).
- Provide clear, data-driven risk and impact assessments to product owners in business-led risk forums/committees.
- Regulatory, Audit & External Engagement
- Own first-line response to audit and regulatory reviews, including: Issue ownership and remediation tracking, Evidence provision and assurance quality.
- Provide technology risk insight to executive committees and Boards.
- Monitor external regulatory developments and emerging risks to drive required changes.
- Third Party & Cloud Risk
- Own oversight of technology third-party risk, including: Critical suppliers and intra-group dependencies (i.e. IRQ, DDQ validation and remediation of gaps), Control effectiveness, TPRM lifecycle and exit risks.
- Ensure alignment of cloud risk controls with enterprise standards.
- Partner with Infrastructure & Cyber (BSL) with clear accountability boundaries for technology services to supported entities.
- Risk Data, MI & Reporting
- Own risk reporting and insight across DSM, FX, and RI.
- Define and govern KRIs, KPIs and control effectiveness metrics (KCIs).
- Ensure availability of accurate, decision-ready risk data.
- Drive adoption of data-led risk management across engineering teams.
- Leadership & Operating Model
- Lead and develop a high-performing technology risk team.
- Define clear roles, responsibilities, and RACI across first and second lines.
- Build risk capability across engineering, not just within the function.
- Act as a senior leader influencing culture, behaviours, and delivery outcomes.
Required Experience
- Senior leadership in technology risk within regulated financial services.
- Ownership of control frameworks aligned to recognised standards (NIST, ISO, COBIT).
- Strong track record in risk governance and remediation of systemic issues.
- Operational resilience and incident management expertise.
- Experience engaging with regulators and executive stakeholders.
- Cloud and third-party risk oversight.
Qualifications & Certifications (preferred)
- CRISC, CISM, CISSP, ISO 27001 Lead Auditor/Implementer, ITIL Expert.
- Degree in Computer Science/Engineering or equivalent experience.
Skills & Attributes
- Combines deep risk expertise with engineering credibility.
- Strong decision-making and challenge capability, not just advisory.
- Highly effective in executive communication and regulatory engagement.
- Drives delivery discipline through measurable outcomes.
- Builds alignment across complex stakeholder landscapes.
Career Stage: Director
Director, Technology, Cyber & Resilience Risk in London employer: London Stock Exchange Group
As a leading employer in the financial services sector, we offer an exceptional work environment in London that fosters innovation and resilience. Our commitment to employee growth is evident through comprehensive training programmes and leadership development opportunities, ensuring that our team members thrive in their careers. With a strong focus on collaboration and a culture that values diverse perspectives, we empower our employees to drive meaningful change while maintaining a healthy work-life balance.
Contact Details:
London Stock Exchange Group Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Director, Technology, Cyber & Resilience Risk in London
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including London Stock Exchange Group, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through London Stock Exchange Group
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at London Stock Exchange Group. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Director, Technology, Cyber & Resilience Risk in London
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at London Stock Exchange Group insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to London Stock Exchange Group that you’re committed to staying ahead in the game.
How to prepare for a job interview at London Stock Exchange Group
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at London Stock Exchange Group to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at London Stock Exchange Group.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.
