Location: UK, London
Reports to: Group Head of SOx
Department: Risk
Type: Full-Time | Permanent
Role Overview
As the Head of IT SOx, you will lead the global IT SOx compliance program, ensuring the organisation meets all technology-related regulatory requirements under Sarbanes-Oxley (SOx) Section 404. You will be responsible for designing, implementing, and maintaining effective IT general controls (ITGCs), application controls, and automated controls across our technology landscape. This is a strategic leadership role requiring deep expertise in IT risk, controls, and audit, as well as the ability to influence cross-functional stakeholders in a dynamic, post-IPO environment.
Key Responsibilities
* Develop and execute the global IT SOx strategy aligned with the company's risk and compliance framework.
* Build and lead the IT SOx function, including policies, standards, RACI, control library, and playbooks.
* Lead the annual IT SOx scoping, risk assessment, and control design process.
* Oversee the documentation, testing, and remediation of ITGCs and automated controls.
Stakeholder Engagement
* Partner with IT, Internal Audit, Finance, and external auditors to ensure timely and effective execution of SOx activities.
* Provide guidance and training to control owners and process leads across the business.
Controls Design, Execution & Quality
* Ensure robust design and operation of ITGCs; drive control design in project/change lifecycles and cloud migrations.
* Maintain a high-quality evidence repository and documentation standards that are test-ready.
* Coordinate SOx walkthroughs, control owner training, and readiness assessments before formal testing.
Governance & Reporting
* Establish governance mechanisms to monitor control effectiveness and remediation progress.
* Leverage GRC platforms for control inventory, issues, and evidence workflows.
* Articulate KPIs/KRIs, dashboards, cadences, and executive reporting to the CRO, CTO, Risk and Audit Committee.
* Report regularly to senior leadership and the Audit Committee on IT SOx status, risks, and issues.
* Drive automation and efficiency in control testing and monitoring.
* Stay abreast of regulatory changes and industry best practices to enhance the SOx program.
Candidate Experience & Technologies
Candidates should have hands-on experience or oversight capabilities across the following technologies and platforms:
* ERP & Finance Systems:
* Governance, Risk & Compliance (GRC):
  * ServiceNow GRC, AuditBoard, or similar platforms
* Identity & Access Management (IAM):
  * Role-based access controls, segregation of duties, privileged access management
* IT Service Management (ITSM):
  * ServiceNow
* Security & Compliance Frameworks:
  * COBIT, SOC 1/2, CIS Controls, ISO 27001, NIST CSF
Qualifications & Experience
* Bachelor's degree in Information Systems, Accounting, or related field; CISA, CISSP, or CPA preferred.
* 10+ years of experience in IT audit, SOx compliance, or IT risk management, ideally within financial services or insurance.
* Proven track record of leading IT SOx programs in a public company environment.
* Expert knowledge of SOx 404, ITGCs, IPE, EUC, IAM/SoD, and SDLC/change management across on-premise and cloud environments.
* Demonstrated success passing Internal Audit and External Audit testing under PCAOB standards and closing complex deficiencies.
* Strong understanding of ITGCs, application controls, cloud environments, and cybersecurity frameworks.
* Experience leading global teams and managing stakeholders at different levels.
* Excellent communication, leadership, and coaching skills.
Why Join Us?
Be part of a high-impact leadership team shaping the compliance culture of a newly listed global firm.
Work in a collaborative, entrepreneurial environment with opportunities for growth and innovation.
Competitive compensation, benefits, and flexible working arrangements.