Tech Risk & Compliance Lead

Tech Risk & Compliance Lead

Full-Time 60000 - 68231 £ / year (est.) No working from home possible
Chubb Ltd.

At a Glance

  • Tasks: Lead tech risk and compliance initiatives, ensuring robust controls in system design.
  • Company: Join a leading financial services firm focused on innovation and compliance.
  • Benefits: Enjoy a competitive salary and opportunities for professional growth.
  • Other info: Dynamic role with continuous improvement opportunities in a fast-paced environment.
  • Why this job: Make a real impact by shaping compliance strategies in cutting-edge technology projects.
  • Qualifications: 5+ years in IT compliance or risk, with strong knowledge of SOX and GDPR.

The predicted salary is between 60000 - 68231 £ per year.

The Tech Risk engage at design stage with architects and engineers to embed ITGCs, preventing control gaps from being introduced through system design.

Provide compliance input into cloud migrations, platform modernisation, database upgrades, and identity management programmes.

Develop and maintain a controls reference framework as a practical design guide for architects and platform owners.

Regulatory Control Implementation and Testing - SOX, GDPR and DORA Embed GDPR technical and organisational controls (access control, encryption, logging, data retention and deletion, and audit trails) into infrastructure design and the ITGC framework, partnering closely with the Data Protection Officer and privacy function.

Establish a consolidated regulatory control mapping so that a single, well-designed set of controls satisfies SOX, GDPR and DORA obligations, reducing duplication and control fatigue across the estate.

Report on control implementation and testing status against regulatory requirements and track remediation of identified gaps through to closure.

Advisory and Stakeholder Engagement Act as compliance advisor to application owners, architects, and engineering teams on ITGC-compliant access models, change workflows, and operational procedures.

Participate in architecture review boards and governance forums as the designated compliance representative; serve as primary contact for internal audit and Pw C for all infrastructure-related SOX testing, evidence requests, and findings management.

Provide structured reporting to senior leadership on compliance posture, open findings, and remediation status.

Technology Risk and Continuous Improvement Conduct periodic IT risk assessments and produce decision-ready risk reporting for senior management; assess compliance implications of new technologies and delivery models prior to adoption.

Drive standardisation and continuous improvement of the infrastructure compliance programme; develop guidance materials and training for infrastructure and application teams.

Operate effectively within an evolving regulatory environment, including GDPR, DORA, FCA requirements, and Lloyd's reporting obligations.

Qualifications EXPERIENCE Minimum 5 years in IT compliance, IT external or internal audit, or technology risk within financial services, insurance, or Big 4.

Proven ownership of SOX ITGC programmes including proactive monitoring and deficiency remediation.

Track record of reviewing architectural artefacts from a compliance perspective and guiding technical teams on control implementation.

Prior engagement with Big 4 external audit at a senior client-side level, or equivalent auditor-side experience.

SOX ITGCs: logical access, change management, computer operations, and segregation of duties.

Privileged access management tools: Cyber Ark and/or Sail Point.

Infrastructure platforms: Windows Server, Linux/AIX, i Series (AS400), Oracle Database, SQL Server, and DB2.

Ability to critically assess architecture documents and identify control design implications.

Working knowledge of EU regulatory frameworks affecting infrastructure, including DORA operational‑resilience requirements and GDPR technical and organisational controls.

QUALIFICATIONS Required: Bachelor’s degree in Computer Science, Information Technology, or a related discipline.

Preferred: Certified Information Systems Auditor (CISA).

Advantageous: CRISC, CISM, or equivalent professional qualification.

Benefits Competitive salary

Tech Risk & Compliance Lead employer: Chubb Ltd.

As a Tech Risk & Compliance Lead, you will thrive in a dynamic environment that prioritises innovation and compliance within the financial services sector. Our company fosters a collaborative work culture, offering extensive employee growth opportunities through continuous training and development, while also providing a competitive salary and benefits package. Located in a vibrant city, we ensure our team members enjoy a balanced work-life experience, making us an excellent employer for those seeking meaningful and rewarding careers.

Chubb Ltd.

Contact Details:

Chubb Ltd. Recruitment Team

We think you need these skills to ace Tech Risk & Compliance Lead

IT General Controls (ITGCs)
SOX Compliance
GDPR Compliance
DORA Compliance
Regulatory Control Mapping
Access Control Implementation
Encryption Techniques