Supporting the Retail 2LoD IT & IS Risk team in embedding technology policies, standards, and controls consistently across the Group, ensuring effective risk mitigation through accurate, timely metrics and reporting
Delivering data-driven deep dives and targeted assurance reviews to assess the design and effectiveness of key technology controls, in collaboration with 1LoD and 1.5LoD teams
Providing subject matter expertise on technology risk governance, framework application, and policy interpretation, while promoting a strong culture of security and risk awareness
Analysing risk and control data from systems such as OneSumX, ServiceNow, and Prevalent to generate actionable insights and monitor risk exposure against defined tolerances
Supporting assurance activities for high-risk technology change programmes, ensuring key risks are identified, understood, and effectively managed throughout delivery
Assessing technology-related risk events and control weaknesses, identifying root causes and evaluating remediation actions to drive continuous improvement
Producing high-quality risk reporting by collating and synthesising IT and Information Security data for governance forums and committees
Collaborating with 1LoD and 1.5LoD stakeholders to gather, validate, and refine inputs, ensuring accurate and impactful risk reporting and informed decision-making
Requirements
Degree-level education or equivalent relevant professional experience is desirable
Professional certifications in technology risk or information security (e.g., CRISC, CISA, CISSP) are advantageous but not essential
Strong understanding of technology risk management and control practices
Familiarity with recognised technology and security control frameworks (e.g., ISO 27001, COBIT, NIST) is beneficial
Experience using data analysis and analytics to produce meaningful insights and reporting
Practical experience in risk management across first, second, or third line of defence functions
Solid understanding of IT information risk principles, including confidentiality, integrity, availability, and authenticity
Demonstrated ability to take ownership of deliverables, collaborate effectively, and influence stakeholders through strong communication and presentation skills
What we offer
The opportunity to participate in our annual, performance-related bonus plan and valuable share schemes
Generous pension contribution
Life assurance
Healthcare Plan (permanent employees only)
At least 25 days holiday, plus public holidays, 26 days after 2 years’ service. There’s also the option to buy and sell holiday
Competitive family leave
Participate in our electric car scheme, which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only)
There are many discounts we offer – both for our own products and at a range of high street stores and online