Risk & Compliance Architect

Role: Senior Risk & Compliance Architect

Location: London (Hybrid, 3 days on-site – City of London)

Duration: Contract (6-9 months initially with potential for extension)

• Architecture Leadership: Proven ability to define target state architectures, map current vs. future state, and deliver pragmatic roadmaps to achieve transformation. Strong knowledge of architecture patterns, frameworks (e.g., TOGAF), and solution design across cloud and on-premise platforms.
• Governance, Risk & Compliance (GRC): Hands-on experience with GRC tools and technologies such as MetricStream, with the ability to link tools, operational controls, and standards into an integrated architecture.
• Operational Risk Expertise: Solid understanding of operational risk practices in multinational, B2B service environments, ideally within financial services or other highly regulated industries.
• Regulatory Compliance Exposure: Experience aligning architectures with regulatory requirements such as DORA, SOX, HIPAA, and CSRD, with the ability to articulate how compliance and operational controls fit into the wider risk ecosystem.
• Cloud & Integration Experience: Strong track record of architecture, design, and delivery for AWS, Azure, and on-prem platforms, including integration with key enterprise services and AI-based solutions.
• Stakeholder Engagement: Excellent upward stakeholder management skills, with the ability to influence senior leadership through confident communication and well-evidenced architectural proposals.
• Strong analytical and problem-solving mindset, with the ability to evaluate current capabilities and propose relevant solutions.
• Experience articulating “as-is” and “to-be” states and mapping incremental transformation journeys.
• Balanced interpersonal style: proactive and confident in building consensus, but not overly aggressive in driving agendas.
• Exposure to enterprise-scale change programmes involving risk, compliance, or resilience.
• Ability to stay current with evolving regulatory and GRC landscapes and adapt architectures accordingly.

Overview:

We are seeking a Senior Risk & Compliance Architect to provide architectural leadership within the Finance, Compliance, and Risk Engineering function. This is a newly created role within the Risk portfolio, which is a small but growing team with significant investment and visibility.

The successful candidate will bring a strong foundation in architecture, coupled with hands-on knowledge of GRC tools and operational risk practices. They will be responsible for shaping the target state for risk and resilience architecture, ensuring regulatory alignment, and influencing senior stakeholders to gain buy-in for solutions.

This role will require balancing technical expertise with strategic vision and stakeholder engagement.

Role & Responsibilities:

Architecture & Target State Development

• Assess the current ecosystem of risk and resilience solutions and define the target state architecture.
• Map the as-is vs. to-be states, creating pragmatic roadmaps for short-, medium-, and long-term transformation.
• Design scalable and compliant architectures across cloud (AWS, Azure) and on-prem environments, including integration with enterprise services and AI-based solutions.

Governance, Risk & Compliance (GRC)

• Provide architectural leadership for GRC solutions, with practical experience in tools like MetricStream.
• Align architecture with operational controls, policies, standards, and regulatory frameworks (e.g., DORA, SOX, HIPAA, CSRD).
• Evaluate and recommend technology solutions that strengthen governance, resilience, and compliance.

Implementation & Delivery

• Guide solution teams through architecture design, integration, and delivery.
• Ensure that architectural outcomes align with compliance, resilience, and risk management objectives.
• Provide input on investment decisions by highlighting immediate changes vs. long-term strategic initiatives.

Stakeholder Management & Influence

• Act as a trusted advisor to senior stakeholders, communicating architectural vision and decisions clearly and persuasively.
• Build consensus across teams and leadership while maintaining balance and professionalism.
• Represent the Risk portfolio in discussions with other architecture groups, regulators, and compliance functions.
• Stay updated with new regulations, compliance standards, and cloud capabilities to evolve architecture approaches.
• Introduce innovative, scalable solutions that improve resilience while optimising cost and performance.

Support & Knowledge Transfer

• Document architectures, roadmaps, and decisions clearly for organisational learning.
• Share expertise and mentor colleagues in risk and resilience architecture, strengthening team capabilities.