Location
London
Business Area
Legal, Compliance, and Risk
Ref #
Description & Requirements
Our Team
Bloomberg's Risk and Compliance functions play a critical role in supporting the firm's businesses, clients, and global operations. We partner closely with Technology, Engineering, Legal, and Business stakeholders to manage complex risk and control environments in a fast-paced, highly regulated landscape. Our teams value collaboration, clear accountability, and pragmatic risk management, and we work together to deliver outcomes that scale with the firm.
The Risk and Compliance Shared Services (RCSS) team supports firmwide programs that require strong coordination, governance, and senior stakeholder engagement. We are seeking a SOC Program Strategy Lead to own the strategy, governance, and delivery of Bloomberg's System and Organization Controls (SOC) reporting program, ensuring sustained audit readiness and alignment with regulatory and client expectations.
What's the Role?
As the SOC Program Strategy Lead, you will be accountable for the end-to-end strategy, governance, and orchestration of Bloomberg's SOC reporting program, along with related high-profile, firmwide initiatives.
You will ensure that operational risks, controls, and supporting artifacts are clearly understood, consistently documented, and effectively integrated to meet audit and regulatory expectations. This includes shaping how Bloomberg approaches SOC reporting over time—not just execution in a single cycle.
This is a senior, strategic, and highly cross-functional role. You will focus on forward-looking risk and resilience considerations, governance design, and executive-level decision support. You will partner closely with Technology, Engineering, Legal, Product, Risk, Compliance, Internal Audit and external auditors, and you will provide direction, prioritization, and quality oversight across internal teams and third-party audit partners.
We'll Trust You To
SOC Reporting Program Leadership
Own the overall strategy and multi-year roadmap for Bloomberg's SOC reporting program, including defining approach, scope, and product coverage based on client expectations, control maturity, and opportunities to consolidate horizontal or thematic controls
Develop and manage the annual SOC plan, aligning timelines and scope across control domains while accounting for other assurance activities and firmwide initiatives
Partner with Technology, Engineering, and subject matter experts to assess control environments, policies, system boundaries, dependencies, and supporting artifacts to inform SOC readiness
Lead the end-to-end execution of SOC reporting, coordinating across internal stakeholders and external auditors to ensure timely, high-quality delivery
Serve as the primary point of accountability for SOC program status, proactively communicating progress, risks, issues, and trade-offs to senior management
Identify emerging risks, execution challenges, or control gaps early, and provide clear, actionable recommendations to support informed decision-making
Act as the central point of coordination with external auditors, including scope discussions, timelines, expectations, issue escalation, and resolution
Ensure clear ownership, governance, reporting, and escalation for remediation activities identified through SOC assurance reports
Leadership, Communication, and Continuous Improvement
Translate complex audit, regulatory, control, and technical topics into clear, concise messaging for senior and executive-level stakeholders
Manage and mentor a team of individual contributors, setting priorities, providing guidance, and ensuring consistent, high-quality execution
Continuously identify opportunities to strengthen governance, documentation, planning, and operational resilience across programs
Operate as a trusted advisor to senior leadership, providing forward-looking insights rather than reactive updates
You'll Need To Have
Bachelor's degree in Business, Finance, Technology, Risk Management, or a related field
15+ years of experience in risk management, compliance, audit, technology risk, operational resilience, or related leadership roles within complex, regulated organizations
Deep understanding of SOC 1 and SOC 2 reporting, including controls aligned to the Trust Services Criteria (security, availability, processing integrity, confidentiality, and privacy)
Experience with intragroup services, service governance, outsourcing risk, or third-party / intragroup frameworks
Strong familiarity with operational resilience, continuity, and regulatory expectations
Demonstrated experience partnering effectively with Technology and Engineering teams
Proven ability to engage, influence, and advise senior stakeholders, including through formal governance forums
Experience managing external auditors or service providers
Excellent written and verbal communication skills
Experience managing or leading direct reports
We'd Love To See
Experience leading firmwide assurance, risk, or resilience programs
Experience supporting regulatory exams or supervisory engagements
Familiarity with data-intensive, or highly integrated technology environments
Comfort operating in ambiguity and advising at executive levels
Experience as a SOC auditor or designing a SOC program
Experience in Financial Services or FinTech
If This Sounds Like You
Apply if you think we're a good match. We'll get in touch to let you know what the next steps are, but in the meantime feel free
to have a look at:
Discover what makes Bloomberg unique - watch our for an inside look at our culture, values, and the people behind our success.