×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security IT Business Analyst

Technology Risk and Control Analyst

Job in City Of London, Central London, Greater London, England, UK
Listing for: LegalAndGeneral
Seasonal/Temporary, Contract position
Listed on 2026-06-12
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Business Analyst
Salary/Wage Range or Industry Benchmark: 60000 - 80000 GBP Yearly GBP 60000.00 80000.00 YEAR
Job Description & How to Apply Below
Location: City Of London

  • Permanent/Regular or Fixed Term Contract/Temporary:
    Permanent (UK and ROW) / Regular (US)
  • L&G Business Unit:
    Legal & General Group Functions
  • L&G sub Business Unit: GROUP CHIEF RISK OFFICER
  • Primary

    Location:

    London, One Coleman Street
  • Job Family:
    Risk
Company Description

Legal & General (L&G) is a leading UK financial services group and major global investor.

We’ve been safeguarding people’s financial futures since 1836, and strive to build a better society, while improving the lives of our customers and creating value for shareholders.

We are one of the world’s largest asset managers and provide powerful asset origination capabilities. Together, these underpin our retirement and protection solutions: we are an international player in pension risk transfer, in UK and US life insurance, and in UK workplace pensions and retirement income.

Our Group Functions provide the services that all areas of the business need. This requires a talented and diverse team behind the scenes, who enable everyone at L&G to do what they do best.

Joining us means helping to improve the lives of our customers and contributing to the success of the business every day.

Job Description

We are seeking a Technology Risk and Control Analyst to support the effective management of Information, Technology, and Data risks across L&G. This role will be responsible for analysing and reporting on risk management activities, while partnering closely with First Line of Defence (1

LoD) teams, process owners, and control owners.

You will provide expert guidance and oversight on the design, implementation, and ongoing effectiveness of the Group’s technology risk and control framework. This includes constructively challenging stakeholders where appropriate to strengthen internal controls, drive timely and proportionate responses to significant control issues and risk events, and enhance data quality to support IT risk management.

The scope of the role spans IT, Information Security, Data, and IT Outsourcing risks, as well as emerging technologies such as Artificial Intelligence (AI), alongside programme assurance activities.

What you’ll be doing :
  • Supporting the Retail 2

    LoD IT & IS Risk team in embedding technology policies, standards, and controls consistently across the Group, ensuring effective risk mitigation through accurate, timely metrics and reporting
  • Delivering data-driven deep dives and targeted assurance reviews to assess the design and effectiveness of key technology controls, in collaboration with 1

    LoD and 1.5

    LoD teams
  • Providing subject matter expertise on technology risk governance, framework application, and policy interpretation, while promoting a strong culture of security and risk awareness
  • Analysing risk and control data from systems such as OneSumX, Service Now, and Prevalent to generate actionable insights and monitor risk exposure against defined tolerances
  • Supporting assurance activities for high-risk technology change programmes, ensuring key risks are identified, understood, and effectively managed throughout delivery
  • Assessing technology-related risk events and control weaknesses, identifying root causes and evaluating remediation actions to drive continuous improvement
  • Producing high-quality risk reporting by collating and synthesising IT and Information Security data for governance forums and committees
  • Collaborating with 1

    LoD and 1.5

    LoD stakeholders to gather, validate, and refine inputs, ensuring accurate and impactful risk reporting and informed decision-making
Who we’re looking for:
  • Degree-level education or equivalent relevant professional experience is desirable
  • Professional certifications in technology risk or information security (e.g., CRISC, CISA, CISSP) are advantageous but not essential
  • Strong understanding of technology risk management and control practices
  • Familiarity with recognised technology and security control frameworks (e.g., ISO 27001, COBIT, NIST) is beneficial
  • Experience using data analysis and analytics to produce meaningful insights and reporting
  • Practical experience in risk management across first, second, or third line of defence functions
  • Solid understanding of IT information risk principles, including…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search