IT and Data Risk Consultant

Company Description

Securing pensions over the long term can be a challenge for many businesses. Our ambition at Legal & General Retirement Institutional (LGRI) is to help companies and pension scheme trustees honour their defined benefit pension promises to their employees. We’re helping companies settle their pension liabilities so they can focus on growing their businesses, as well as helping to support their members’ financial security in retirement. And we’re investing for the long term to back our pension promises. In the last 30 years we’ve written more UK business than any other insurer, and we currently look after more than half a million pension policyholders. We're the UK’s longest-serving active bulk annuity provider, and a market-leading, multi-award winning business.  

Job Description

We are recruiting an IT and Data Risk Consultant to join our team. 

In this role, you will support LGRI Non-Financial Risk team in the oversight of the design, implementation and effectiveness of the Group’s technology and data risk and control framework, using risk management tools, processes and data analytics to provide meaningful insights into the operation and compliance to the Technology and data risk frameworks.

The scope of the role is Non-Financial Risk, with focus on IT, Information Security, Data, Operational Resilience, as well as emerging technologies (e.g. Artificial Intelligence) and programme assurance.

What you'll be doing

Risk and Control Framework: Support LGRI Technology, data and Information Security Managers (1LoD), to ensure effective implementation and embedding of the technology, information security and data policies, standards and controls in a consistent manner to minimise risk exposure, supported by accurate and timely measurements and reports. Support BAU implementation of the IT Risk and Control service model.

Assurance Reviews: Undertake data led “deep dives” and “spotlight reviews” to assess the design and operation of key technology and data risks and controls. Where required, coordinate activities with LGRI 1LoD and 1.5 LoD functions, to ensure that critical controls are regularly evaluated, and their status fairly reported to executive management.

Technology/Data Risk Subject Matter Expertise: Provide advice and guidance to LGRI IT areas about Technology and data risk governance and framework application, advise on policy, interpretation of risk appetite.  Support Technology/Data Risk Management awareness initiatives to promote a culture of security across LGRI.

Risk and Control Data Analysis: Exploit operational data within the Group’s risk management systems (including OneSumX, ServiceNow, Prevalent) to build holistic views of the technology risk and control environment, and related measures and metrics to assess that risk exposures are in acceptable tolerances  

Change Assurance: Support the assurance of high-risk Technology change programmes across LGRI by working with 1LoD and in the planning and review of project delivery to ensures risks are known and managed.

Risk Event Analysis: Perform analysis of risk events and control weaknesses, assessing and reporting upon proposed remediation, and determining broader lessons learnt to drive improvements in the wider technology risk and control environment.

Report Preparation: Collate and aggregate LGRI risk registers and risk acceptances to produce report for appropriate committees. Liaise with 1LoD and 1.5LoD to prepare and review inputs for committee papers to enable discussion and decisions

Qualifications

What we're looking for

• Technology/IT/Computing degree level or equivalent industry experience
• CISA/COBIT/ITIL skills is beneficial
• A technology risk management, auditing or similar qualification would be beneficial but is not essential (i.e. CRISC, CISA, CISSP)
• Demonstrable knowledge of technology risk and control practices
• Knowledge of Technology or Security control frameworks is required, i.e. ISO27001, COBIT, NIST RMF / CSF / 800-53
• Approaches to data analysis and use of data analytics is beneficial
• Operation of technology risk and control frameworks
• Use of data to provide meaningful assessments and reports  
• Good understanding of IT including applications, security, service and infrastructure management, databases, servers, middleware, messaging, mainframe and networks
• Good understanding of IT Information risks, including confidentiality, integrity, availability, authenticity.
• Good understanding of operational IT resilience and how it impacts on service availability, continuity, change, supplier, incident, capacity and cyber event resilience
• Ownership of own work items and collaboration to support others in timely task delivery
• Stakeholder management – building long-term relationships internally and externally
• Strong inter-personal skills for dealing with a variety of people at a range of seniority internally and externally
• Engaging rather than policing people

Additional Information

When you commit to Legal & General, we’ll commit to you too. That means we’ll recognise and reward your hard work, your performance and your contribution.

If you join us, you’ll get access to some great benefits, including private medical insurance, 27 days holiday (excluding bank holidays), a generous pension scheme, life assurance, and Income Protection. You can participate in our electric car scheme, which offers employees the option to hire a brand new electric car through tax efficient salary sacrifice. We’re also proud to offer competitive family leave. 

You’ll have the opportunity to participate in our annual, performance-related bonus plan and valuable share schemes. And then there are the many discounts we offer that you can take advantage of – both for our own products and at a range of high street stores and online offerings. 

The brand with the brolly is choosing today to change tomorrow.

Since 1836, we’ve grown to become one of the world's largest asset managers, homebuilders, pension providers and insurance brands. 

We’re all here to improve the lives of our customers, build a better society for the long term, and create value for our shareholders - helping to shape a better future for society and the planet.

We need people who share our ambitions, agility and entrepreneurial spirit to help us do it.

At L&G, you’ll find a balance that helps you be your best. Empowered by hybrid working, we’re supported by technology and workplaces that enable us to work effectively wherever we are. We come together in offices to collaborate and connect, and use time at home for individual, focused activities. And, when we achieve great things, we celebrate our success and reward strong performance.

Today, there’s over 10,000 of us, working towards our mission, with plenty of opportunities to grow your career as we grow L&G. Will you join us?

Great minds don’t have to think alike, so we welcome voices from all backgrounds. Bringing together people with different life experiences helps us build empathy with our customers and drive innovation.

We don’t just talk about it, we actively promote diversity and equitable opportunities for all. That means our employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability or protected veteran status. In fact, we embrace every dimension of diversity to reflect the customers and communities we serve.

We think it’s important to create an inclusive environment where we can all belong, contribute and drive progress, where you can develop and grow, and be empowered. We want you to use your voice to help us build a better tomorrow.

We all work differently, and have different needs, which is why. we’re always open to discussing flexible working arrangements. Likewise, we’re committed to finding reasonable accommodations for candidates with specific needs during our recruiting process.

So whoever you are, wherever you are, whatever your story, we'd love to hear from you.