Global Head of Technology Controls Assurance in London

The Apex Group was established in Bermuda in 2003 and is now one of the world’s largest fund administration and middle office solutions providers. Our business is unique in its ability to reach globally, service locally and provide cross-jurisdictional services. With our clients at the heart of everything we do, our hard-working team has successfully delivered on an unprecedented growth and transformation journey, and we are now represented by over circa 13,000 employees across 112 offices worldwide.

The Global Head of Technology Controls is accountable for defining, implementing, and overseeing Apex Group’s global technology control framework. The role ensures that key technology and cyber controls are consistently designed, implemented, and operating effectively across all regions, legal entities, and technology platforms. Working closely with the Group CISO, Technology, Risk, Compliance, cyber and IT service areas and Audit functions, this role provides assurance that Apex’s technology control environment meets regulatory expectations, supports operational resilience, and enables secure business growth.

• Define and maintain Apex’s global technology control framework, aligned to the Group’s risk appetite, cyber strategy, Apex Gold Standard and regulatory obligations.
• Establish clear control standards, policies, and minimum requirements covering infrastructure, applications, cloud, identity, data, and end-user computing.
• Ensure consistent adoption and maturity of technology controls across regions and entities.
• Perform all duties requested by the Group CISO to deliver the Target Operating Model and Cyber Strategy.
• Oversee the design and implementation of preventive and detective technology controls across the enterprise.
• Ensure controls are clearly mapped to key technology and cyber risks, regulatory requirements, and industry standards.
• Drive continuous improvement of control effectiveness, consistency, and automation.
• Lead global technology control testing and assurance activities, partnering closely with Technology Assurance, Risk, and Internal Audit.
• Ensure timely identification, escalation, and remediation of control weaknesses and issues.
• Provide clear, risk-based reporting on control effectiveness, issues, and remediation progress to the Group CISO and governance forums.
• Support regulatory examinations, client due diligence, and external audits related to technology and cyber controls.
• Ensure technology controls support Apex’s operational resilience, data protection, and cyber security obligations.
• Partner with Enterprise Risk Management to ensure technology risks are appropriately assessed and managed.
• Ensure robust technology control requirements are embedded into third-party, outsourcing, and cloud arrangements.
• Oversee control expectations for managed service providers and offshore service models.
• Address evolving risks associated with cloud platforms, SaaS solutions, and emerging technologies.
• Act as a key advisor to the Group CISO on technology control maturity, risks, and investment priorities.
• Engage senior Technology, Risk, Compliance, and business leaders to drive accountability for control ownership.
• Present control posture, key risks, and remediation themes to executive and board-level forums.
• Build and lead a high-performing global technology controls team with strong technical and risk capability.
• Drive skills development, succession planning, and consistent ways of working across regions.
• Foster a culture of accountability, continuous improvement, and collaboration.
• Lead and develop global cyber Technical and Operational Services, advisory and service delivery teams.
• Build a strong delivery culture focused on accountability, quality, and continuous improvement.
• Manage strategic cyber security vendors and service providers.
• Support talent development in line with Apex’s growth and acquisition strategy.

• Minimum of 10 years of extensive cybersecurity experience, with at least 7 years in a senior leadership role and a proven track record in leading a global cyber GRC function.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate cybersecurity and risk-related concepts to technical and non-technical audiences at various hierarchical levels.
• Extensive experience leading technology controls, IT risk, cyber controls, or technology assurance in a global, regulated environment.
• Strong understanding of enterprise technology environments, including cloud, infrastructure, applications, identity, and data.
• Track record of successfully managing a high-performing cybersecurity organization with the ability to motivate and mentor high-performing security teams.
• Proven experience working with regulators, auditors, and client assurance teams.
• Ability to operate at executive level, providing clear, pragmatic, and risk-based advice.
• Strong leadership skills to influence organizational change, build teams, and communicate security priorities effectively.
• Business acumen to understand enterprise operations, risk tolerance, and industry dynamics.
• Analytical skills to conduct technical assessments, prioritize vulnerabilities, and develop risk treatment plans.
• Project management skills to assist with the development and execution of the cybersecurity strategy and roadmaps.
• Passion for continuous learning to stay current on advancing threats and security best practices.
• Ability to maintain a calm structured mindset even when under pressure.

• Degree in Information Technology, Information Security, or a related discipline (or equivalent experience).
• Relevant certifications such as CISA, CISSP, CISM, CRISC, or equivalent are preferred.