Tech & Cyber Risk Manager in London

ABOUT US: LSEG (London Stock Exchange Group) is more than a diversified global financial markets infrastructure and data business. We are dedicated, open-access partners with a dedication to excellence in delivering the services our customers expect from us. With extensive experience, deep knowledge, and worldwide presence across financial markets, we enable businesses and economies around the world to fund innovation, handle risk and create jobs.

OUR PEOPLE: People are at the heart of what we do and drive the success of our business. Our culture of connecting, creating opportunity and delivering excellence shape how we think, how we do things and how we help our people fulfil their potential. We embrace diversity and actively seek to attract individuals with unique backgrounds and perspectives.

ROLE SUMMARY: At LSEG, we are evolving how technology and cyber risk is run within a fast-paced, product-aligned engineering environment. In Data & Analytics Engineering (D&A), we are looking for a Technology & Cyber Risk Manager to help drive a proactive, insight-led risk and controls culture.

Your responsibilities:

• Support the delivery and ongoing improvement of the D&A Engineering technology and cyber risk management approach, ensuring alignment with enterprise-wide risk policies, regulatory expectations and Tech & Cyber Risk priorities.
• Coordinate and maintain key risk information across D&A Engineering, including Self-Identified Issues (SIIs), audit findings, technology obsolescence, risk events, control assessments, remediation plans and action tracking.
• Support risk and control assessments across applications, platforms and technology services, helping to identify control gaps, assess impact and likelihood, document residual risk positions and define appropriate remediation actions.
• Prepare clear, accurate and timely inputs for dashboards, reporting and committee materials and senior leadership updates, ensuring that messages are risk-led, evidence-based and proportionate to the audience.
• Maintain audit-ready documentation and evidence to support internal reviews, external assurance, regulatory requests and management oversight.
• Support alignment to relevant regulations, standards and internal requirements, including FCA, PRA, GDPR, DORA and LSEG technology and cyber risk policies, raising potential impacts or gaps for review.
• Work with central Cyber, Technology Risk, GRC, BISO, Engineering and Product teams to support the implementation and continuous improvement of information security activities, including vulnerability management, patching, penetration testing, control assurance and security remediation.
• Identify repeatable manual activities in the risk and controls lifecycle that could be simplified, automated or enhanced through AI, analytics, workflow tooling or data-quality improvements.
• Develop high-quality prompts, templates and reusable artefacts to improve consistency in risk assessments, SIIs generation, committee reporting, control commentary and remediation updates.
• Support the Lead Tech & Cyber Risk D&A Engineering in embedding AI-enabled ways of working across the risk and controls function, while respecting confidentiality, data-handling, model-risk and information-security requirements.

WHAT YOU'LL BRING:

• Relevant technology risk, cyber risk, operational risk, controls, audit, assurance or technology governance experience, preferably in a financial services, regulated or complex enterprise environment.
• Good understanding of technology and cyber risk management concepts, control frameworks, issue management, remediation tracking and evidence standards.
• Practical experience working with technology, engineering, product, risk, cyber, audit or compliance partners to identify, document and manage risks and control gaps.
• Strong written and verbal communication skills, with the ability to adapt messaging for technical, operational and management audiences.
• Experience with issue and action management tools, risk registers, control libraries, audit evidence repositories, management information and executive reporting packs.
• Experience supporting risk assessments for applications, platforms, cloud services, infrastructure, data platforms, AI-enabled services or engineering delivery environments.
• Understanding of vulnerability management, patching, technology obsolescence, access management, incident management, resilience, third-party risk and secure-by-design principles.
• Strong proven understanding of Microsoft 365 productivity tools, reporting tools and workflow solutions; experience using AI, automation, analytics or data visualisation tools to improve business processes is highly desirable.
• Awareness of relevant regulatory and industry requirements such as FCA, PRA, GDPR and DORA, with the ability to apply requirements pragmatically in a technology environment.

Career Stage: Manager

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.