The role line reports to the ‘Head of Operational Risk Management – LGIM’ with functional direction from the ‘Group Head of IT Operational Risk’].  The purpose of the role is to limit the occurrence and business impacts of adverse events, while contributing to business success through management of IT Operational risk

As a member of the Operational Risk team, situated within the Risk department of the Legal & General Investments Management (LGIM) business division, the ‘IT Operational Risk Manager’ provides 2nd line of defence IT risk specialist oversight (advisory, review, and challenge) over 1st line IT risk management activities for the division.

• Develop and maintain proactive working relationships directly with all levels of management across departments and functions (i.e. including other 2nd line risk specialists, e.g. Chief Information Security Officer (CISO) Office, Financial Crimes Compliance and the LGIM Information Security and Privacy Manager) to ensure on-going timely identification, assessment, and management of IT operational risk across the business, in-line with internal, legal and regulatory requirements.  This will include IT Security and Cyber risk within Information security
• Advise business / IT management in understanding the entirety of their IT risk landscape, proactively develop the definition of risk appetite / Key Risk Indicator(s) and other reporting to monitor those risks, and advise on strategies to address items outside appetite.
• Oversee the management and maintenance of risk processes and systems used to identify and monitor control effectiveness for key risks, and to ensure control deficiencies are addressed by management on a timely basis through mitigating actions and/or informed risk acceptance.  Ensure awareness and training on risk processes are undertaken where required.
• Represent Operational Risk by attending and challenging at key governance meetings (e.g. key 3rd party IT supplier service & risk governance committees, IT Risk & Controls Committee, and Business Continuity and Information Security Steering Committee).
• Take the lead oversight role in ensuring that the appropriate controls are in place for any new or emerging technology delivered.  This includes representing Operational Risk & Compliance in review and approval of any proposed or existing uses of externally hosted technologies (included cloud services) as part of an existing hosting governance process.
• Provide review and challenge of high priority security, infrastructure and applications IT change projects and programmes.
• Act as a key operational point of contact for internal and external audit with management, ensuring recommendations are comprehensively reviewed and implemented. 
• Work alongside the Compliance function in assessing and pursuing the risk implications of FCA / PRA regulatory requirements with respect to management of IT Operational Risk.
• Work routinely with other IT Operational Risk specialist resources across the group as a functional team to:
• share specialist skills / knowledge
• help to ensure specialist resource organizational coverage / redundancy
• develop and maintain a common / shared approach to IT risk oversight, standard reference controls, reporting, and sharing of best practices
• represent IT Operational Risk in group wide initiatives, working groups, and/or other committees from time to time
• Ensure technical and professional risk management expertise is developed and maintained.
• Ensure IT risk management activities include due consideration to impacts and fair treatment of customers.

• Strong Academic background
• CISA (Strong preference)
• Pro-active in terms of supporting the business and team in other areas.
• Good analytical skills, enquiring mind, with a tenacious approach.
• Commercial and strategic approach to management of risk
• Accurate with attention to detail.
• Strong organisation skills and able to work to deadlines.
• Good communication skills, both written and verbal.
• Confident and able to present in structured manner.
• Common sense approach.
• Good team player.

Desirable: CoBIT 5, CISA, CISM, CISSP, ITIL

Whatever your role, we reward ability, performance and attitude with a package that looks after all the things that are important to you. Our employees have a wide range of benefits including a generous pension scheme, life assurance, 25 days' holiday, private medical insurance, performance related bonuses, a variety of share schemes, discounts at both a huge range of high street stores and our own great products, as well as a 12% car allowance scheme, your hard work will be rewarded when you join us.