Director, Technology, Cyber & Resilience Risk

Company: London Stock Exchange Group
Apply for the Director, Technology, Cyber & Resilience Risk
Location: London
Job Description:

Director, Technology, Cyber & Resilience RiskSkip to main content#Director, Technology, Cyber & Resilience Risk page is loaded## Director, Technology, Cyber & Resilience RiskApplylocations: London, United Kingdom: London, United Kingdomtime type: Full timeposted on: Posted Todayjob requisition id: R0120582**Role Purpose** Leads the Technology Risk & Operational Resilience capability across DSM, FX, and Risk Intelligence, accountable for the first-line risk and control environment, ensuring it operates within defined risk appetite and meets regulatory expectations. Drives risk-informed engineering delivery, embedding robust controls, resilience practices, and data-led assurance across platforms. Reports to Head of Business Management, Markets & Risk Intelligence Engineering.**Core Accountabilities** 1. Risk & Control Ownership* Own the first-line technology risk profile, ensuring alignment to divisional risk appetite.* Own the technology control framework and library (applications, infrastructure, cloud, cyber).* Define control standards, testing approaches, and assurance mechanisms.* Drive remediation of control gaps, including systemic risk issues. 2. Operational Resilience* Own first-line implementation of operational resilience frameworks, including: + Important business services (IBS) + Impact tolerances + Scenario testing and resilience validation* Ensure resilience is embedded into architecture, engineering and change processes.* Partner with 2LOD to ensure alignment with regulatory expectations (e.g. DORA, UK OpRes). 3. Risk Governance & Decisioning* Lead 1LoD technology risk governance forums).* Provide independent first-line challenge to engineering, architecture, and product teams.* Escalate and drive resolution of material risk decisions and breaches (i.e. major incidents, material audit findings)* Provide clear, data-driven risk and impact assessments to product owners in business-led risk forums/committees. 4. Regulatory, Audit & External Engagement* Own first-line response to audit and regulatory reviews, including: + Issue ownership and remediation tracking. + Evidence provision and assurance quality* Provide technology risk insight to executive committees and Boards.* Monitor external regulatory developments and emerging risks to drive required changes. 5. Third Party & Cloud Risk* Own oversight of technology third-party risk, including: + Critical suppliers and intra-group dependencies (i.e. IRQ, DDQ validation and remediation of gaps) + Control effectiveness, TPRM lifecycle and exit risks.* Ensure alignment of cloud risk controls with enterprise standards.* Partner with Infrastructure & Cyber (BSL) with clear accountability boundaries for technology services to supported entities. 6. Risk Data, MI & Reporting* Own risk reporting and insight across DSM, FX, and RI.* Define and govern KRIs, KPIs and control effectiveness metrics (KCIs).* Ensure availability of accurate, decision-ready risk data.* Drive adoption of data-led risk management across engineering teams. 7. Leadership & Operating Model* Lead and develop a high-performing technology risk team.* Define clear roles, responsibilities, and RACI across first and second lines.* Build risk capability across engineering, not just within the function.* Act as a senior leader influencing culture, behaviours, and delivery outcomes. **Required Experience*** Senior leadership in technology risk within regulated financial services.* Ownership of control frameworks aligned to recognised standards (NIST, ISO, COBIT).* Strong track record in risk governance and remediation of systemic issues.* Operational resilience and incident management expertise.* Experience engaging with regulators and executive stakeholders.* Cloud and third-party risk oversight. **Qualifications & Certifications (preferred)*** CRISC, CISM, CISSP, ISO 27001 Lead Auditor/Implementer, ITIL Expert.* Degree in Computer Science/Engineering or equivalent experience. **Skills & Attributes*** Combines deep risk expertise with engineering credibility.* Strong decision-making and challenge capability, not just advisory.* Highly effective in executive communication and regulatory engagement.* Drives delivery discipline through measurable outcomes.* Builds alignment across complex stakeholder landscapes.**Career Stage:**Director#J-18808-Ljbffr…

Posted: June 21st, 2026