Job Title Director, Technology & Operational Risk Job Description About IG Group IG is a FTSE 100 fintech operating across five continents, serving over 1.3m customers and handling billions of dollars in transactions – built on scale, trust, and proof. We didn't pivot to innovation; it's how we've always operated. What that means for the people who work here is real: genuinely complex problems to solve, the technology and resources to tackle them properly, and the kind of scope that's rare in established businesses. The bar is high – bring a curious and forward-thinking mindset and we'll give you the platform to define what comes next. Join us at IG – the future gets built here. Our core values — Champion the Client, Learn Fast Together, and Raise the Bar — drive our commitment to delivering innovative technology and exceptional client service. IG Group is undergoing a significant transformation, led by CEO Breon Corcoran and a refreshed senior leadership team. As IG expands its fintech and digital assets offering — including crypto — and accelerates its use of AI-driven products and platforms, the Risk function is a critical pillar of this journey, embedding robust second-line capability that enables IG to innovate and grow with confidence across its global footprint. About the Opportunity This is a senior, technically substantive role at the heart of IG's second line of defence. As Director of Technology & Operational Risk, you will own the design and operation of IG's core operational and technology risk processes — from incident response and control attestations to RCSA facilitation and risk register management — ensuring the framework is both rigorous and commercially informed. You will be a subject matter expert who commands credibility with technologists, product teams, and regulators alike — equally comfortable navigating the risk landscape of a global retail trading platform and the emerging challenges of crypto, AI, and digital asset products. This is a role for someone who operates at the intersection of technical depth and strategic influence, and who thrives in a fast-moving, innovation -led financial services environment. Key Responsibilities Operational Risk Framework & Process Ownership Design and maintain IG's operational risk framework in line with MIFIDPRU requirements and the ICARA process, including quantification of operational risk exposure for capital adequacy purposes. Own the end-to-end operational risk event and issue (ORE) lifecycle — identification, recording, root cause analysis, remediation tracking, and lessons learned — ensuring consistent standards across all business lines. Design, facilitate, and challenge Risk and Control Self-Assessments (RCSAs) across the organisation, with particular focus on technology, operations, and commercial functions. Maintain the operational risk loss database, producing regular management information for Risk Committees and the Board. Manage the control attestation process and operational risk registers, driving discipline and accountability across first-line owners. Technology Risk Management Lead second-line oversight of technology risk, covering cyber, infrastructure, data, and change risk, ensuring the risk profile remains within Board-approved tolerances. Oversee the incident response framework, providing independent challenge and assurance on first-line incident identification, escalation, and remediation. Embed a robust technology risk assessment methodology, partnering with Technology and Operations teams to identify and mitigate emerging risks — including those arising from AI adoption, algorithmic systems, and crypto/digital asset infrastructure — before they crystallise. Oversee Business Continuity Management (BCM) and Disaster Recovery (DR) risk assessments and own Crisis Management frameworks, ensuring IG meets its important business service obligations under the Group's operational resilience frameworks. New Product & Innovation Risk Partnership Partner with business and product teams on the design and launch of new products — including crypto, digital assets, and AI-powered features — ensuring proportionate risk and control frameworks are established from inception rather than retrofitted. Provide credible second-line challenge and guidance across IG's diverse product range, from large-scale retail trading platforms to emerging and scaling fintech propositions, calibrating control expectations to the maturity, scale, and risk profile of each. Engage proactively with first-line teams on operational risk considerations in product and technology change programmes, acting as a trusted risk partner without obstructing pace of innovation. Maintain awareness of the evolving risk landscape for digital assets, crypto custody, DeFi-adjacent products, and AI-driven decisioning, providing horizon-scanning input to senior leadership and product governance forums. Regulatory & Prudential Risk Support the annual ICARA process by providing robust operational risk capital calculations, including scenario-based stress testing and quantitative modelling of tail loss events. Engage proactively with prudential and conduct regulatory developments, drafting IG's responses to FCA consultations and thematic reviews relevant to technology and operational risk. Act as a subject matter expert during regulatory examinations, internal audits, and external reviews, representing the second-line function with confidence and authority. Governance, Oversight & Reporting Prepare and present risk reports, emerging risk assessments, and thematic reviews for the Risk Committee, Audit Committee, and Board Risk Committee. Maintain IG's operational risk policy suite, including the Operational Risk Policy, Outsourcing & Third Party Risk Policy, and Business Continuity Policy. Provide second-line oversight and challenge to third-party and outsourcing risk, ensuring material arrangements meet regulatory and internal standards. Build and sustain strong working relationships with Technology, Operations, Compliance, Finance, and Front Office, acting as a trusted and commercially grounded risk partner. Key Deliverables & Outcomes A mature, well-governed operational and technology risk framework that withstands regulatory scrutiny, meets Board expectations, and protects against material loss. Timely, high-quality MI and risk reporting that enables informed decision-making at committee and Board level. A rigorous RCSA process embedded across business lines, with clear ownership and meaningful outputs. An incident management framework that drives swift escalation, root cause resolution, and sustainable remediation. Robust ICARA-aligned operational risk capital quantification, including credible stress-testing scenarios. A policy suite that is current, proportionate, and actively applied across the organisation. Effective second-line challenge to first-line technology and outsourcing risk management. Proportionate, well-designed risk and control frameworks for new and scaling products, including crypto and AI-enabled propositions. Leadership Success Profile Professional Experience Significant experience in operational and/or technology risk within financial services, with meaningful exposure to fintech, digital assets, or crypto — gained in a second-line or specialist risk function. Deep working knowledge of UK regulation, including MIFIDPRU and FCA expectations for operational resilience, with awareness of the evolving regulatory framework for crypto assets and digital markets. Proven track record of designing and operating core risk processes — RCSAs, risk registers, control attestations, incident management — at scale and across global, diversified businesses. Experience quantifying operational risk for capital adequacy purposes, including scenario analysis and stress testing. Strong grasp of technology risk disciplines, including cyber risk, infrastructure risk, data risk, technology change management, and emerging risks associated with AI systems and crypto infrastructure. Track record of engaging in new product and innovation risk processes, providing proportionate second-line input across products at different stages of maturity and scale. Track record of presenting to and influencing senior committees and regulators, with the gravitas to challenge constructively at all levels. Skills & Attributes Technically credible — able to engage meaningfully with Technology, Engineering, and Product teams, and translate complex exposures into clear risk language. Commercially minded — understands business drivers and calibrates risk management to support, not obstruct, strategic objectives and innovation ambitions. Outstanding communicator — able to convey complex risk topics with clarity and authority, both in writing and in person. Rigorous and disciplined — brings structure and consistency to risk processes without sacrificing pragmatism. Collaborative and influential — builds trusted relationships across functions and operates effectively in a matrixed, global organisation. Follows IG's five performance principles: Lead and Inspire, Think Big, Champion the Client, Deliver at Pace, and Raise the Bar. Why IG Group? Strategic Influence at Scale: Shape the operational and technology risk agenda for a FTSE 100 fintech operating across nineteen countries, with direct access to Risk Committee and Board. At the Frontier of Fintech Risk: Engage with the risk challenges that define the next era of financial services — crypto, digital assets, AI-driven products, and global retail trading at scale — in a business actively investing in all of them. Technical Depth, Strategic Reach: A rare role that demands genuine subject matter expertise while operating at a senior level — combining hands-on framework ownership with executive-level influence. Regulatory Relevance: Lead IG's engagement with fast-evolving prudential and operational resilience expectations, including MIFIDPRU, DORA, FCA crypto asset regulation, and emerging AI governance frameworks. Transformation Agenda: Join at a pivotal moment in IG's growth story, with the opportunity to embed best-in-class risk practices as the business scales and diversifies its product range. Competitive Rewards: A competitive package including salary, performance-related bonus, equity participation, and a comprehensive benefits suite within a dynamic, future-focused business. Number of openings 1