Tech & Cyber Risk Manager in London

Requirements

• Relevant technology risk, cyber risk, operational risk, controls, audit, assurance or technology governance experience, preferably in a financial services, regulated or complex enterprise environment.
• Good understanding of technology and cyber risk management concepts, control frameworks, issue management, remediation tracking and evidence standards.
• Practical experience working with technology, engineering, product, risk, cyber, audit or compliance partners to identify, document and manage risks and control gaps.
• Strong written and verbal communication skills, with the ability to adapt messaging for technical, operational and management audiences.
• Experience with issue and action management tools, risk registers, control libraries, audit evidence repositories, management information and executive reporting packs.
• Experience supporting risk assessments for applications, platforms, cloud services, infrastructure, data platforms, AI-enabled services or engineering delivery environments.
• Understanding of vulnerability management, patching, technology obsolescence, access management, incident management, resilience, third-party risk and secure-by-design principles.
• Strong proven understanding of Microsoft 365 productivity tools, reporting tools and workflow solutions; experience using AI, automation, analytics or data visualisation tools to improve business processes is highly desirable.
• Awareness of relevant regulatory and industry requirements such as FCA, PRA, GDPR and DORA, with the ability to apply requirements pragmatically in a technology environment.

What the job involves

• At LSEG, we are evolving how technology and cyber risk is run within a fast-paced, product-aligned engineering environment.
• In Data & Analytics Engineering (D&A), we are looking for a Technology & Cyber Risk Manager to help drive a proactive, insight-led risk and controls culture.
• This role sits at the heart of Engineering, partnering across Product, Cyber and Risk to strengthen control maturity, enable confident decision-making, and ensure risks are effectively understood and managed.
• Employing AI and automation, the role will also help transform how risk data, reporting and remediation are delivered at scale.
• As the Technology & Cyber Risk Manager you will support the Lead Tech & Cyber Risk D&A Engineering in delivering technology and cyber risk management activities across D&A Engineering.
• You will help coordinate risk data, maintain quality reporting, support control and risk assessments, supervise remediation plans, and work with Engineering, Product, Business Management, Technology Risk, Cyber, GRC and other central teams to ensure risks and issues are clearly understood, documented, governed and progressed to agreed timelines.
• You will be expected to be AI-native: proactively using approved AI, analytics and automation capabilities to improve the quality, consistency and efficiency of risk identification, evidence gathering, reporting, issue tracking and control monitoring.
• You will help find opportunities to reduce manual effort, improve data quality, and strengthen insight generation while using AI responsibly and in line with LSEG policies and control expectations.
• Support the delivery and ongoing improvement of the D&A Engineering technology and cyber risk management approach, ensuring alignment with enterprise-wide risk policies, regulatory expectations and Tech & Cyber Risk priorities.
• Coordinate and maintain key risk information across D&A Engineering, including Self-Identified Issues (SIIs), audit findings, technology obsolescence, risk events, control assessments, remediation plans and action tracking.
• Support risk and control assessments across applications, platforms and technology services, helping to identify control gaps, assess impact and likelihood, document residual risk positions and define appropriate remediation actions.
• Prepare clear, accurate and timely inputs for dashboards, reporting and committee materials and senior leadership updates, ensuring that messages are risk-led, evidence-based and proportionate to the audience.
• Maintain audit-ready documentation and evidence to support internal reviews, external assurance, regulatory requests and management oversight.
• Support alignment to relevant regulations, standards and internal requirements, including FCA, PRA, GDPR, DORA and LSEG technology and cyber risk policies, raising potential impacts or gaps for review.
• Work with central Cyber, Technology Risk, GRC, BISO, Engineering and Product teams to support the implementation and continuous improvement of information security activities, including vulnerability management, patching, penetration testing, control assurance and security remediation.
• Identify repeatable manual activities in the risk and controls lifecycle that could be simplified, automated or enhanced through AI, analytics, workflow tooling or data-quality improvements.
• Develop high-quality prompts, templates and reusable artefacts to improve consistency in risk assessments, SIIs generation, committee reporting, control commentary and remediation updates.
• Support the Lead Tech & Cyber Risk D&A Engineering in embedding AI-enabled ways of working across the risk and controls function, while respecting confidentiality, data-handling, model-risk and information-security requirements.