Job Description
The Role:
The IT Governance and Controls Lead is responsible for the operation and continuous improvement of IT governance and control activities across the Technology function. Reporting into the IT Governance & Quality Manager, the role ensures that IT controls are clearly defined, effectively embedded, and operating as intended in line with regulatory, risk, and organisational requirements.
The role provides subject‑matter expertise on IT governance and controls, supports audit and assurance activities, and works closely with Technology, Risk, Compliance, and Audit stakeholders to maintain a strong and sustainable IT control environment.
Key Responsibilities:
IT Governance & Controls
- Support the implementation and ongoing operation of the IT governance framework, policies, standards, and procedures.
- Own and maintain IT control documentation, including control descriptions, evidence requirements, and operating procedures.
- Monitor the effectiveness of IT controls, identifying gaps, weaknesses, and opportunities for improvement.
- Support the identification, assessment, and mitigation of IT‑related risks.
- Provide guidance and advice to Technology teams on governance and control requirements.
Audit & Assurance Support
- Support internal and external IT audits, acting as a key contributor to audit planning, evidence collation, and walkthroughs.
- Coordinate responses to audit queries and track audit actions through to remediation and closure.
- Ensure audit findings and control issues are clearly documented, prioritised, and followed up.
- Contribute to audit reporting and management information for senior stakeholders.
Attestation, Compliance & Reporting
- Support the annual IT attestation and compliance processes across the organisation.
- Ensure timely completion of governance and control activities by relevant stakeholders.
- Produce and maintain governance, control, and KPI reporting at operational, management, and executive levels.
- Provide insights and analysis on control performance, risks, and trends.
Stakeholder Engagement
- Work closely with Technology teams, Risk, Compliance, and Audit to embed effective governance and controls.
- Act as a trusted point of contact for governance and control‑related queries.
- Support the Head of IT Governance with analysis, reporting, and governance insights.
Continuous Improvement
- Identify opportunities to simplify, streamline, and improve governance and control processes.
- Support the adoption of best practice frameworks and standards (e.g. ITIL, COBIT, ISO).
- Contribute to initiatives that strengthen control maturity and reduce operational risk across IT.
Skills and Experience
- Experience in IT governance, IT controls, IT risk, audit, or assurance roles.
- Strong understanding of IT control environments, particularly within regulated organisations.
- Experience supporting internal and external audits.
- Strong analytical, documentation, and reporting skills.
- Ability to work independently while collaborating effectively with a wide range of stakeholders.
- Excellent written and verbal communication skills.
- Knowledge of governance frameworks and standards (e.g. ISO 27001, ISO 20000, COBIT, ITIL).
- Experience supporting attestation or compliance processes.
- Experience in financial services or similarly regulated environments.
About Us
Our benefits
We offer all employees a comprehensive benefits package that focuses on their whole wellbeing. This includes hybrid working, a competitive base salary, non-contributory pension, discretionary bonus, insurances including health (family) and dental cover, and many other benefits to enhance financial, physical, social and psychological health.
About Canopius
Canopius is a global specialty lines (re)insurer. We are one of the leading insurers in the Lloyd’s of London insurance market with offices in the UK, US, Singapore, Australia and Bermuda.
At Canopius we foster a distinctive, positive culture which enables us to bring our whole selves to work to flourish as people, and build a business which delivers profitable, sustainable results.
Based in incredible new offices in the heart of the City of London, Canopius operates a flexible, hybrid working model and is committed to providing an environment that challenges employees to be their best and where everyone's unique contributions are recognised, valued and respected.
We are fully committed to equal employment opportunities for all applicants and providing employees with a work environment free of discrimination and harassment. All employment decisions are made regardless of age, sex, gender identity, ethnicity, disability, sexual orientation, socio-economic background, religion or beliefs, marital or caring status, or any other status protected by the laws or regulations in the locations where we operate. We encourage and welcome applicants from all backgrounds.
We make reasonable adjustments throughout the recruitment process and during employment. Please let us know if you require any information in an alternate format or any other reasonable adjustments.