IT SOX Compliance Lead

Social network you want to login/join with:

Working within the EMEA IT PMO team, the newly created IT SOX Compliance Officer position is a key strategic role within the compliance and regulatory framework of the Chubb organisation. Liaising with key stakeholders including regional executive & senior management (up to C suite), external auditors (PWC), internal audit, global risk & compliance, and IT system owners, the IT SOX Compliance Officer will be responsible for setting up the process for assessing, delivering and monitoring SOX controls as a new function within the regional IT team.

The EMEA IT team is responsible for delivering and maintaining the IT applications used within the region by the various insurance lines of business, which is a highly regulated market with oversight from the FCA & PRA in the UK and the ACPR in France. As a publicly quoted company, Sarbanes-Oxley (SOX) rules also apply, and there are internal controls and audit impacts both as a Financial Institution and as a technology organisation, with further regulation coming from the Digital Operational Resilience Act (DORA) that is being implemented.

The successful candidate will be responsible for the oversight and delivery of all IT risk and audit activities and act as the primary liaison with internal and external audit partners to ensure the EMEA IT systems are in compliance with all SOX and audit requirements in the increasing & changing regulatory environment.

The role requires a combination of SME knowledge (governance, compliance, risk management & best practice), the ability to articulate, communicate & prioritise to others, and the capability to project manage and drive change in order to raise standards, address weaknesses, and implement and continually improve the SOX controls environment. In addition, there will be line management responsibilities for the small team of IT analysts who oversee the automated reconciliation process across the IT systems, ensure all issues are prioritised and remediated correctly, and trends identified and addressed, working closely with the relevant system owners and partners in the business & operations teams.

The role requires strong SOX audit experience and will suit someone with either finance/technical controls experience, preferably within insurance or as a minimum in another Financial Services institution.

Key Responsibilities:

1. Responsible for the ongoing assessment, processes & controls to ensure the regional IT systems comply with the SOX, audit and compliance requirements.
2. Engage with key stakeholders including executive & senior management (C-suite), external auditors (PWC), audit, risk & compliance functions, and IT system owners to ensure all SOX compliance requirements are understood and monitored.
3. Knowledge of IT General Controls (ITGCs) and interface controls. Ability to articulate the control requirement and deliver best practice in the design and end operation.
4. To QA controls, their operation and supporting processes & procedures for their effectiveness and bring about change to ensure that EMEA IT operate an assured control environment.
5. Ability to deliver change in a structured method (project management) to implement or improve existing controls or bring around remediation or deliver a successful outcome to any assurance/audit event.
6. Work across a diverse virtual team of IT functions, auditors, Financial Control, etc. Being able to answer for their agenda and successfully achieve the right outcomes for EMEA IT.
7. Drive improvements by enforcing best practice and standards and sharing learnings across the team.
8. Line management and oversight of a team of IT Analysts responsible for the automated BAU reconciliation process and remediation of failures.
9. Operate in a constantly evolving and changing governance environment and be able to adapt to taking on new duties as regulation changes.

Experience:

1. 5+ years experience in a SOX audit role, within a financial organisation or external audit partner (client facing).
2. Insurance or financial sector experience.
3. MS Office – especially Excel & PowerPoint.

Qualifications:

1. Certified Information Systems Auditor (CISA) certified.
2. Any other relevant compliance, risk or assessment qualifications.

#J-18808-Ljbffr