LegalAndGeneral logo

Technology Risk and Control Analyst

LegalAndGeneral

Posted about 6 hours ago

Job Description

We are seeking a Technology Risk and Control Analyst to support the effective management of Information, Technology, and Data risks across L&G. This role will be responsible for analysing and reporting on risk management activities, while partnering closely with First Line of Defence (1LoD) teams, process owners, and control owners.

You will provide expert guidance and oversight on the design, implementation, and ongoing effectiveness of the Group’s technology risk and control framework. This includes constructively challenging stakeholders where appropriate to strengthen internal controls, drive timely and proportionate responses to significant control issues and risk events, and enhance data quality to support IT risk management.

The scope of the role spans IT, Information Security, Data, and IT Outsourcing risks, as well as emerging technologies such as Artificial Intelligence (AI), alongside programme assurance activities.

What you’ll be doing:

  • Supporting the Retail 2LoD IT & IS Risk team in embedding technology policies, standards, and controls consistently across the Group, ensuring effective risk mitigation through accurate, timely metrics and reporting
  • Delivering data-driven deep dives and targeted assurance reviews to assess the design and effectiveness of key technology controls, in collaboration with 1LoD and 1.5LoD teams
  • Providing subject matter expertise on technology risk governance, framework application, and policy interpretation, while promoting a strong culture of security and risk awareness
  • Analysing risk and control data from systems such as OneSumX, ServiceNow, and Prevalent to generate actionable insights and monitor risk exposure against defined tolerances
  • Supporting assurance activities for high-risk technology change programmes, ensuring key risks are identified, understood, and effectively managed throughout delivery
  • Assessing technology-related risk events and control weaknesses, identifying root causes and evaluating remediation actions to drive continuous improvement
  • Producing high-quality risk reporting by collating and synthesising IT and Information Security data for governance forums and committees
  • Collaborating with 1LoD and 1.5LoD stakeholders to gather, validate, and refine inputs, ensuring accurate and impactful risk reporting and informed decision-making

Who we’re looking for:

  • Degree-level education or equivalent relevant professional experience is desirable
  • Professional certifications in technology risk or information security (e.g., CRISC, CISA, CISSP) are advantageous but not essential
  • Strong understanding of technology risk management and control practices
  • Familiarity with recognised technology and security control frameworks (e.g., ISO 27001, COBIT, NIST) is beneficial
  • Experience using data analysis and analytics to produce meaningful insights and reporting
  • Practical experience in risk management across first, second, or third line of defence functions
  • Solid understanding of IT information risk principles, including confidentiality, integrity, availability, and authenticity
  • Demonstrated ability to take ownership of deliverables, collaborate effectively, and influence stakeholders through strong communication and presentation skills

Whatever your role, we reward performance and behaviour with a package that looks after all the things that are important to you. Here are some of the benefits we offer:

  • The opportunity to participate in our annual, performance -related bonus plan and valuable share schemes
  • Generous pension contribution
  • Life assurance
  • Healthcare Plan (permanent employees only)
  • At least 25 days holiday, plus public holidays, 26 days after 2 years’ service. There’s also the option to buy and sell holiday
  • Competitive family leave
  • Participate in our electric car scheme, which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only)
  • There are many discounts we offer – both for our own products and at a range of high street stores and online
  • We’re creating net‑zero carbon workplaces by 2030 by investing in our sustainable, modern offices across the UK, all designed to bring people together and elevate the in‑person experience

#LI-NH1

Additional Information

At L&G, we believe it's possible to generate positive returns today while helping to build a better future for all. 

If you join us, you’ll be part of a welcoming, inclusive culture, with opportunities to collaborate with people of diverse backgrounds, views, and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel.

We care passionately about outcomes rather than attendance and are therefore open to discussing all kinds of flexible working options including part-time, term-time and job shares. Although some roles have limited flexibility due to customer demand, we accommodate requests when we can. 

It doesn’t matter if you don’t meet every single criterion in this advert. Instead, think about what you excel at and what else you can bring in terms of strengths, potential and connection to our purpose. 

Job details

Workplace

Remote

Location

London, England, United Kingdom

Similar
LegalAndGeneral logo

LegalAndGeneral

About

Legal & General are a leading UK financial services provider, offering life insurance, pensions, retirement and investment services. Get a quote today.

Online Presence

Jobr Assistant extension

Get the extension →