IT SOX Compliance Office

The EMEA IT team manage the regionally used IT applications operated by the various insurance lines of business. EMEA is highly regulated market being monitored by the FCA & PRA in the UK and the ACPR in France. In addition as a publicly quoted company Sarbanes Oxley (SOX) rules apply to Chubb. There are internal controls and audit impacts both as a Financial Institution and as a technology organisation. Further regulation will come out the Digital Operational Resilience Act (DORA) that is being implemented.

Working within the EMEA IT PMO team, the IT SOX Compliance Office will be responsible for oversight and delivery of all IT risk and audit controls and activities to ensure the EMEA IT systems are assessed and compliance with all SOX and audit requirements in the increasing & changing regulatory environment.

Liaising with key stakeholders including executive & senior management, external auditors (PWC), internal audit and global risk & compliance functions, and IT system owners, the role will be a combination of both SME knowledge (on governance, compliance, risk management & best practice); the ability to articulate, communicate & prioritise to others; and the capability to project manage the implementation of new controls or the remediation of existing. 

The role will suit someone with either finance/technical controls experience, or a PMO/ projects background who has ideally been responsible for or involved in a governance, compliance or risk role.  Working in an IT or Data function would help but is not essential.  Working in insurance or other Financial Services is a must.

Key Responsibilities: 

Responsible for the ongoing assessment, processes & controls to ensure the regional IT systems comply with the SOX, audit and compliance requirements. Engage with key stakeholders including executive & senior management, external auditors (PWC), internal audit and global risk & compliance functions, and IT system owners to ensure all SOX compliance requirements are understood and monitored Knowledge of IT General Controls (ITGCs) and interface controls. Ability to articulate the control requirement and deliver best practice in the design and end operation  To QA controls, their operation and supporting processes & procedures for their effectiveness and bring about change to ensure that EMEA IT operate an assured control environment  Ability to deliver change in a structured method (project management) to implement or improve existing controls or bring around remediation or deliver a successful outcome to any assurance/ audit event  Work across a diverse virtual team of IT functions, auditors, Financial Control, etc. Being able to answer for their agenda and successfully the right outcomes for EMEA IT Drive improvements by enforcing best practice and standards and sharing learnings across teams Operate in a constantly evolving and changing governance environment and able to adapt to taking on new duties as regulation change

Experience:

3+ years experience in a financial/tech controls or PMO/compliance function Insurance or financial sector MS Office – especially Excel & Powerpoint

Qualifications:

CISA or any relevant governance, compliance, risk or accountancy qualifications