RISK OVERSIGHT MANAGER GBU

Company Description
Helping over ten million people around the world manage their savings, retirement plans and life insurance requires a lot of people behind-the-scenes. It's up to us in L&G Group functions - which includes our tech and digital teams, Group Finance, HR, Risk and Corporate Comms to provide the essential support services that all areas of the business need, here in the UK and overseas. Simply put, we enable everyone at Legal & General to do what they do best. That means we're helping to improve our customers' lives, and contributing to the success of the business every day.
Job Description
We are currently recruiting a Technology Risk Manager to join our team.
In this role, you will support the Group Head of Technology & Cyber Risk in the oversight of the design, implementation and effectiveness of Group's technology & information security risk and control framework, using risk management tools, processes and data analytics to provide meaningful insights into the operation and compliance with the Group technology & information security risk framework.
The scope of the role includes Technology, Information Security (Cyber) and Digital risk focus, as well as emerging technologies (e.g. AI) and programme assurance.
What you'll be doing

• Risk and Control Framework: Supporting divisional Technology and Information Security Managers, to ensure effective implementation and embedding of the technology policies, standards and controls in a consistent manner to minimise risk exposure, supported by accurate and timely measurements and reports.
• Assurance Reviews: Undertaking data led deep dives" and spotlight reviews" to assess the design and operation of key technology & information security risks and controls. Where required, coordinating activities with group, divisional and functions risk teams, to ensure that critical controls are regularly evaluated, and their status fairly reported to executive management.
• Technology & Information Security Risk Subject Matter Expertise: Providing advice and guidance to Group and business entities about technology and information security risk governance and framework application, advise on policy and interpretation of risk appetite. Supporting technology & information security risk management awareness initiatives to promote an effective 'Risk' culture across the group.
• Risk and Control Data Analysis: Exploiting operational data within the Group's risk management systems (including OneSumX, ServiceNow, Prevalent etc) to build an holistic view of the technology and information security risk and control environment, and related measures and metrics to assess whether residual risk exposures are in within acceptable tolerances
• Change Assurance: Supporting the assurance of high risk technology and information security change programmes by working with 1LoD and Divisional 2LoD teams in the planning and review of project delivery to ensures risks are known and managed.
• Risk Event Analysis: Performing analysis of risk events and control weaknesses of group-wide significance, assessing and reporting upon proposed remediation, and determining broader lessons learnt to drive improvements in the wider technology risk and control environment.
• Report Preparation: Collating and aggregate divisional risk registers and risk acceptances to produce report for the Technology Risk Committee. Liaising with divisions to prepare and review inputs for committee papers to enable discussion and decisions

Qualifications
What we're looking for

• Technology/IT/Computing degree level or equivalent industry experience
• CISA/COBIT/ITIL skills
• A technology risk management, auditing or similar qualification would be beneficial but is not essential (i.e. CRISC, CISA, CISSP)
• Demonstrable knowledge of technology and information security risk and control practices
• Knowledge of Technology and Security control frameworks is required, i.e. ISO27001, COBIT, NIST RMF / CSF / 800-53
• Approaches to data analysis and use of data analytics is beneficial
• Operation of technology risk and control frameworks
• Use of data to provide meaningful assessments and reports
• Good understanding of IT including applications, security, service and infrastructure management, databases, servers, middleware, messaging, mainframe and networks
• Good understanding of IT Information risks, including confidentiality, integrity, availability, authenticity.
• Good understanding of operational IT resilience and how it impacts on service availability, continuity, change, supplier, incident, capacity and cyber event resilience
• Ownership of own work items and collaboration to support others in timely task delivery
• Stakeholder management - building long-term relationships internally and externally
• Strong inter-personal skills for dealing with a variety of people at a range of seniority internally and externally

Additional Information
When you commit to Legal & General, we'll commit to you too. That means we'll recognise and reward your hard work, your performance and your contribution.
If you join us, you'll get access to some great benefits, including private medical insurance, 27 days holiday (excluding bank holidays), a generous pension scheme, life assurance, and Income Protection. You can participate in our electric car scheme, which offers employees the option to hire a brand new electric car through tax efficient salary sacrifice. We're also proud to offer competitive family leave.
You'll have the opportunity to participate in our annual, performance-related bonus plan and valuable share schemes. And then there are the many discounts we offer that you can take advantage of - both for our own products and at a range of high street stores and online offerings.
The brand with the brolly is choosing today to change tomorrow.
Since 1836, we've grown to become one of the world's largest asset managers, homebuilders, pension providers and insurance brands.
We're all here to improve the lives of our customers, build a better society for the long term, and create value for our shareholders - helping to shape a better future for society and the planet.
We need people who share our ambitions, agility and entrepreneurial spirit to help us do it.
At L&G, you'll find a balance that helps you be your best. Empowered by hybrid working, we're supported by technology and workplaces that enable us to work effective