IT Controls Specialist
Take a look inside our London office
About the team
SumUp's Internal Controls function sits at the heart of our financial governance, responsible for the programmes that give regulators, auditors, and leadership confidence in how we operate. As SumUp grows, robust and scalable technology controls are increasingly important to the strength of our financial governance and wider control environment. .
This is a newly created role, and it's a genuinely important one. You will take ownership of the technology side of our ICFR and Provision 29 (P29) programmes. You'll be the person who builds it: designing the control framework, running the IT ICFR assurance programme, and making sure our IT general controls can stand up to external audit scrutiny.
What you'll do
Design, document, test, and oversee remediation of IT General Controls (ITGCs), automated controls, and key system-generated financial reports across SumUp's ICFR and P29 programmes
Build and maintain a complete IT risk and control matrix (RCM) covering all in-scope control domains, and produce audit-quality evidence packs
Act as the primary point of contact between the Internal Controls team and SumUp's Engineering and IT functions, coordinating evidence, managing auditor requests, and tracking deficiencies through to remediation
Identify and implement automation opportunities across the controls lifecycle, including evidence collection workflows, access review sampling, and change management evidence extraction
Advise the business on IT risk identification and control design to support compliance and broader risk management requirements
You'll be great for this role if…
Strong hands-on experience in IT audit, ITGC testing, or technology risk, whether from an internal or external audit background
Solid knowledge of IT General Controls domains: logical access, change management, computer operations, and SDLC
Familiarity with ICFR, SOX, or equivalent regulatory frameworks, including experience managing IT PBC (Prepared by Client) requests with external auditors
A good understanding of IT risk and the ability to link IT controls activities with broader assurance programmes (such as ISO and other existing frameworks) to avoid duplication and drive efficiency
Ability to document and maintain risk and control matrices to a standard that holds up under audit scrutiny
Comfort working across multi-jurisdictional environments and influencing technical teams without direct authority
Intellectual curiosity about automation and AI — and a genuine interest in applying both to make controls programmes more efficient
Why you should join SumUp
🌎 Opportunity to work with a truly global, multicultural team from our central Covent Garden location, wrapped in historic charm and modern flair. This involves an office-first setup
🌈 Commitment to Diversity and Inclusion: be part of a workplace that values and promotes diversity, fostering an inclusive environment where everyone's perspectives are respected and embraced
🚀 Enrolment onto our Virtual Stock Option programme: you will own a stake in SumUp's future success
🏖 Generous time off: enjoy 28 days of paid leave, plus bank holidays and special leaves
📚 A dedicated annual L&D budget for attending conferences and/or advancing your career through further education
🏥 Health matters: private health insurance, including optical and dental
🚗 Life made easier: salary-sacrifice commuter benefits via Gogeta
💼 Financial security: retirement scheme (SumUp matches 7% when you contribute 5%)
🛡 Peace of mind: life insurance from MetLife for 2× your salary
🌴 Break4me: 1-month sabbatical after 3 years of service
🔗 Referral Bonus: earn additional rewards by referring talented individuals to join the SumUp team
About SumUp
Be empowered to do more that matters.
At SumUp, we're on a mission to empower small businesses across the globe by providing simple and affordable tools that allow them to thrive. Today, over 4 million businesses in 37 markets rely on SumUp as their financial partner to manage payments, finance and customer relationships.
Our commitment to small businesses is reflected in our diverse team of over 3,000 SumUppers from over 90 nationalities, united by global collaboration and an innovative mindset. Our core values lay the foundation for who we are and what we stand for, shaping our work culture and driving our success. We foster inclusivity and a continuous learning culture, providing a safe space for personal and professional growth. Our differences make us unique and strong as we strive to create an environment where everyone belongs and feels supported, no matter how they identify.
SumUp is proud to be an Equal Employment Opportunity employer, actively seeking and embracing diversity in our workforce. We don't make hiring or employment decisions based on race, colour, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by company policy. Our commitment extends beyond recruitment to creating a safe and respectful workplace where harassment of any form is strictly prohibited. Discover more about our culture and opportunities on our careers website, and follow our journey on LinkedIn, Instagram, and TikTok.
Job Application Tip
We recognise that candidates feel they need to meet 100% of the job criteria in order to apply for a job. Please note that this is only a guide. If you don’t tick every box, it’s ok too because it means you have room to learn and develop your career at SumUp.