Location: UK, London
Reports to: Group Head of SOx
Department: Risk
Type: Full-Time | Permanent
Role Overview
As the Head of IT SOx, you will lead the global IT SOx compliance program, ensuring the organisation meets all technology-related regulatory requirements under Sarbanes-Oxley (SOx) Section 404. You will be responsible for designing, implementing, and maintaining effective IT general controls (ITGCs), application controls, and automated controls across our technology landscape. This is a strategic leadership role requiring deep expertise in IT risk, controls, and audit, as well as the ability to influence cross-functional stakeholders in a dynamic, post-IPO environment.
Key Responsibilities
Develop and execute the global IT SOx strategy aligned with the company's risk and compliance framework.
Build and lead the IT SOx function, including policies, standards, RACI, control library, and playbooks.
Lead the annual IT SOx scoping, risk assessment, and control design process.
Oversee the documentation, testing, and remediation of ITGCs and automated controls.
Stakeholder Engagement
Partner with IT, Internal Audit, Finance, and external auditors to ensure timely and effective execution of SOx activities.
Provide guidance and training to control owners and process leads across the business.
Controls Design, Execution & Quality
Ensure robust design and operation of ITGCs; drive control design in project/change lifecycles and cloud migrations.
Maintain a high-quality evidence repository and documentation standards that are test-ready.
Coordinate SOx walkthroughs, control owner training, and readiness assessments before formal testing.
Governance & Reporting
Establish governance mechanisms to monitor control effectiveness and remediation progress.
Leverage GRC platforms for control inventory, issues, and evidence workflows.
Articulate KPIs/KRIs, dashboards, cadences, and executive reporting to the CRO, CTO, Risk and Audit Committee.
Report regularly to senior leadership and the Audit Committee on IT SOx status, risks, and issues.
Drive automation and efficiency in control testing and monitoring.
Stay abreast of regulatory changes and industry best practices to enhance the SOx program.
Candidate Experience & Technologies
Candidates should have hands-on experience or oversight capabilities across the following technologies and platforms:
ERP & Finance Systems :
Governance, Risk & Compliance (GRC) :
ServiceNow GRC, AuditBoard, or similar platforms
Identity & Access Management (IAM) :
Role-based access controls, segregation of duties, privileged access management
IT Service Management (ITSM) :
ServiceNow
Security & Compliance Frameworks :
COBIT, SOC 1/2, CIS Controls, ISO 27001, NIST CSF
Qualifications & Experience
Bachelor's degree in Information Systems, Accounting, or related field; CISA, CISSP, or CPA preferred.
10+ years of experience in IT audit, SOx compliance, or IT risk management, ideally within financial services or insurance.
Proven track record of leading IT SOx programs in a public company environment.
Expert knowledge of SOx 404, ITGCs, IPE, EUC, IAM/SoD, and SDLC/change management across on-premise and cloud environments.
Demonstrated success passing Internal Audit and External Audit testing under PCAOB standards and closing complex deficiencies.
Strong understanding of ITGCs, application controls, cloud environments, and cybersecurity frameworks.
Leading global teams and managing different levels of stakeholders.
Excellent communication, leadership, and coaching.
Why Join Us?
Be part of a high-impact leadership team shaping the compliance culture of a newly listed global firm.
Work in a collaborative, entrepreneurial environment with opportunities for growth and innovation.
Competitive compensation, benefits, and flexible working arrangements.