Control Assurance & Advisory Director in London

Welcome to Haleon. We’re a purpose-driven, world-class consumer company putting everyday health in the hands of millions. In just three years since our launch, we’ve grown, evolved and are now entering an exciting new chapter – one filled with bold ambitions and enormous opportunity. Our trusted portfolio of brands – including Sensodyne®, Panadol®, Advil®, Voltaren®, Theraflu®, Otrivin®, and Centrum® – lead in resilient and growing categories. What sets us apart is our unique blend of deep human understanding and trusted science.

Now it’s time to fully realise the full potential of our business and our people. We do this through our Win as One strategy. It puts our purpose – to deliver better everyday health with humanity – at the heart of everything we do. It unites us, inspires us, and challenges us to be better every day, driven by our agile, performance-focused culture.

About the role: The Control Advisory and Assurance Director leads a service which validates that all relevant security and compliance requirements (derived from Written Standards) are adequately addressed throughout the product lifecycle and post go-live, ensuring Security & Compliance by Design. This role governs ongoing changes to the overall D&T control environment and provides ongoing expert advice to improve controls. It hosts the Control Center of Excellence (for SOx, GxP, and beyond) ensuring robust operational governance and advisory services across Digital & Technology (D&T). Additionally, this role works very closely with the first line of defense (oversight risk and compliance teams, control owners, and control operators), second lines of defense outside D&T (such as Financial Risk Management and Controls team) and the InfoSec policy and advisory teams to ensure that security by design principles are adhered to during the delivery of projects. This role will be actively involved in the One SOX program to ensure that all remediation activities relying on D&T technical delivery are appropriately defined and completed on time. Furthermore, this role is responsible for ensuring that Audit Risk Committee papers are drafted on time and aligned with all relevant stakeholders prior to submission, maintaining accuracy, completeness, and strategic alignment. This role requires active and constant interaction with senior stakeholders within and outside D&T.

Role Responsibilities:

• Control assurance services: define and maintain the D&T Risk Assessment process, providing tools and expert guidance to the first line of defence.
• Project assurance leadership: oversee assurance activities across all D&T Tech Business Units, ensuring compliance with all relevant Written Standards and regulatory requirements (SOX, GxP, cybersecurity).
• Governance of control operations: lead governance of control operations and manage the Control COE for SOX and GxP.
• Change management: govern changes to the control environment, ensuring alignment with compliance frameworks and risk appetite.
• Regulatory audit support: coordinate regulatory audits and inspections, ensuring timely remediation and advisory support.
• Continuous improvement: drive optimization of processes and controls, embedding compliance by design principles into projects and BAU activities.

Qualifications:

• Bachelor’s degree in Information Systems, Computer Science, Engineering, or a related field.
• Significant experience in IT General Controls (ITGC).
• Experience working with managing external audits and regulatory inspections.
• Significant experience in embedding “security and compliance by design” into projects and BAU activities.
• Experience with preparing Audit Risk Committee papers and ensuring audit readiness.
• Deep familiarity with SOX and GxP compliance requirements and audit readiness.
• Significant experience in embedding lessons learned into updated frameworks to prevent recurrence.
• Experience in providing expert guidance to first-line teams and senior leadership.
• Experience in influencing adoption of compliance practices without compromising business agility.

Preferred Qualifications:

• CISA / CRISC/ CGEIT or other relevant qualification.

Equal Opportunities: Haleon are committed to mobilising our purpose in a way that represents the diverse consumers and communities who rely on our brands every day. It guides us in creating an inclusive culture, where different backgrounds and views are valued and respected – all in support of understanding and best serving the needs of our consumers and unleashing the full potential of our people. It’s important to us that Haleon is a place where all our employees feel they truly belong.

Adjustment or Accommodations Request: If you require a reasonable adjustment or accommodation or other assistance to apply for a job at Haleon at any stage of the application process, please let your recruiter know by providing them with a description of specific adjustments you are requesting. We’ll provide all reasonable adjustments to support you throughout the recruitment process and treat all information you provide us in confidence.

Note to candidates: The Haleon recruitment team will contact you using a Haleon email account (@haleon.com). If you are not sure whether the email you received is from Haleon, please get in touch.