Head of Internal Audit

UK Based (travel occasionally required)

Competitive Salary

Permanent Full Time Position

About the Role

IRIS Software Group is establishing its first in-house Internal Audit function following two successful years of a fully outsourced model. As Head of Internal Audit, you will build and lead a modern, insight-led assurance capability across IRIS’s multi-product SaaS portfolio, including accountancy, payroll/HCM, and education, as well as core group functions and processes. This role combines Third Line (Internal Audit) leadership with support from a co-sourced partner providing internal audit, IT audit, and risk expertise, including specialist areas such as Cyber, Cloud, and Data Privacy. This is a strong opportunity for a high-performing No.2 ready to step up into their first Head of role, with direct exposure to the Audit & Risk Committee and a clear mandate to build the function.

Key Responsibilities

• Own and deliver a dynamic, risk-based internal audit plan aligned to strategic objectives, major change, and principal risks, while establishing the Internal Audit Charter, methodology, and quality framework in line with IIA Global Internal Audit Standards.
• Lead end-to-end audits across operational, financial, compliance, product/technology, and change domains, directing co-sourced SMEs where required, and introducing agile, data-enabled auditing techniques to increase coverage and reduce cycle time.
• Report impactful findings to management and the Audit & Risk Committee, driving timely action closure with a root-cause focus, and plan for an External Quality Assessment (EQA) within 3–5 years.
• Develop an analytics roadmap and implement dashboarding (e.g. Power BI) to support continuous auditing, action tracking, audit KPIs, and risk/trend insights.
• Manage the co-sourced model, working with external partners to flex capability (Cyber, Cloud, Data, Privacy, Regulatory), setting SoWs and SLAs, ensuring quality standards, and enabling knowledge transfer.
• Partner with the Second Line to map and enhance financial, operational, IT (including cyber), and compliance controls, promoting control rationalisation, automation, and over time establishing a control testing programme.
• Provide independent assurance over major change programmes (e.g. product launches, cloud migrations, ERP/HRIS upgrades) and support M&A integration reviews in line with the IRIS M&A Playbook.
• Perform or support internal investigations, drawing on co-sourced expertise as required.
• Facilitate risk-based BCM/DR testing and oversee post-incident reviews to capture control learnings across cyber, technology, and operations.

What we're looking for:

Experience

• 10–15+ years in Internal Audit, ideally within SaaS/technology, payroll, or fintech/payments environments.
• Proven track record leading complex audits end-to-end.
• Exposure to technology and cyber risks (hands-on or via SMEs).
• Experience working in co-sourced and high-change environments.
• M&A integration experience desirable.

Qualifications

• Professional: CMIIA/CIA and/or ACA/ACCA.
• Desirable: CISA, CRISC, ISO 27001 Lead Auditor/Implementer; PRINCE2/AgilePM/Scrum.
• Familiarity with IIA Global Standards (2024), ISO 31000, and UK GDPR.

Skills & Attributes

• Clear, confident communicator with strong executive-level presentation skills.
• Builder’s mindset with a pragmatic, outcome-focused approach.
• Strong understanding of current technology risks and ability to direct SMEs effectively.
• Excellent planning, prioritisation, and vendor/contract management skills.
• Independent and confident in challenging where needed, with a collaborative approach.
• Experience working with US regulated companies or within US jurisdiction is highly desirable.

About IRIS

As one of the UK’s largest privately held software companies, IRIS Software Group exists to simplify the lives of businesses, schools and organisations. IRIS provides software solutions and services that substantially enhance operational compliance, efficiency and accuracy, empowering the users of our technology to look forward with certainty and confidence. Over 4 million parents use our software to connect with their child’s school, 18% of UK employees are paid via an IRIS payroll solution, 50,000 SMEs use IRIS cloud bookkeeping and 21,000 firms rely on us for legislative compliance.

Our operational software is the invisible but essential beating heart of our customers’ businesses, supporting them in a range of objectives, from maintaining legislative compliance to boosting engagement with stakeholders and enhancing productivity. It’s vital these mission-critical functions work first time, every time. That’s why IRIS helps businesses run the tough stuff, stay compliant and get operational tasks done right first time, every time – so they can focus on productivity and growth.

IRIS is a company built on hiring the best people; our people are our greatest assets. They enable us to be the innovative, market-leading, and high-performing company that we are today. We’re delighted to be certified as a Great Place to Work and one of the UK’s Best Workplaces for Women. These accolades confirm that our employees have a consistently positive experience at IRIS, with the certifications considering employee wellbeing, diversity and inclusion, trust in management, effective communication and recognition/reward. IRIS is committed to engaging, rewarding and empowering our employees, and this is central to what we do. This is why we work to create an environment where employees feel like they are part of a team.

Why work for IRIS?

The Benefits

• Generous holiday allowance.
• Charity / volunteering days.
• Income protection insurance.
• Life assurance.
• Employee Assistance Program.
• Private healthcare.
• Enhanced maternity pay.
• Additional discount schemes.
• Cycle to work scheme.

Developing your career

We believe in creating a culture of engagement and reward to develop your potential and offer long-term career success. We do this by:

• Supporting our managers to be great leaders, providing inspirational management resources and offering dedicated management development training.
• Rewarding individual excellence through dedicated initiatives and Employee Awards for demonstrating our values.
• Offering regular training and development programmes tailored to each employee’s development needs and providing a commitment to a ‘learning culture’ which shares knowledge, best practice and our long-standing expertise between employees.
• We’re committed to a culture of continuous improvement and listen to our employees via regular feedback sessions and employee engagement surveys.
• Our employees love the colleagues they work with. We promote a positive environment where our people feel comfortable, make friends and support each other.