Search Jobs
Search by job, company or skills
Search by job, company or skills
The Chief System Assurance Officer's (CSAO) organization is responsible for establishing a Global Sovereign System Assurance Framework, ensuring that Ant International's cross-border payment systems are intrinsically Visible, Controllable, Verifiable, Auditable, and Sustainable.
The Head of System Assurance (Sovereign Cloud & Infrastructure) will lead Ant International's global sovereign cloud strategy, architecture, and control framework, ensuring that all public cloud deployments (including Alibaba Cloud and other providers) meet:
• Data sovereignty and localization requirements
• Regulatory compliance and auditability standards
• Operational resilience and disaster recovery expectations
• Cloud substitutability and exit readiness
This role is the control owner for sovereign cloud architecture, ensuring that Ant International's infrastructure is regulator-acceptable, resilient by design, and not dependent on any single provider.
1. Sovereign Cloud Architecture & Strategy
• Design and enforce EU/UK sovereign cloud architecture aligned with regulatory expectations (e.g., DORA, GDPR)
• Define and implement multi-cloud / hybrid-cloud strategy to ensure resilience and independence
• Establish clear control boundaries between regions, systems, and cloud providers
2. Data Sovereignty & Localization
• Implement data localization, residency, and jurisdictional control mechanisms
• Ensure strict segregation of regulated data across EU/UK and other regions
• Enable full visibility and control over cross-border data flows
3. Cloud Control & Compliance Enforcement
• Act as control owner for cloud infrastructure compliance across Alibaba Cloud and other public cloud providers
• Ensure cloud environments are audit-ready, traceable, and regulator-compliant
• Embed compliance-by-design principles into infrastructure and platform engineering
4. Resilience, DR & Operational Continuity
• Define and enforce global resilience architecture (Active-Active / multi-region design)
• Ensure compliance with RTO / RPO requirements for critical financial systems
• Lead disaster recovery planning, testing, and validation
5. Cloud Substitutability & Exit Strategy
• Design and implement cloud exit strategies and portability mechanisms
• Ensure workload portability across cloud providers (vendor independence)
• Demonstrate regulator-acceptable substitutability capabilities
6. Global Coordination & Engineering Integration
• Partner with Engineering, Security, Data, Risk, and Compliance teams
• Align with Regional Assurance Hubs (EU / UK / US / APAC) for localized implementation
• Integrate sovereign controls into DevSecOps and platform engineering practices
Key Deliverables
• EU/UK regulator-acceptable sovereign cloud architecture
• Fully implemented data localization and control framework
• Proven cloud exit and portability capability (tested and auditable)
• Resilience architecture meeting Tier 0 financial infrastructure standards
Requirements
Preferred Qualifications
• Experience supporting EU/UK regulatory environments (DORA, GDPR, outsourcing/cloud guidelines)
• Familiarity with cloud compliance frameworks and regulator expectations (EBA, FCA, ECB)
• Experience in large-scale cloud migration or sovereign infrastructure programs
Leadership & Personal Attributes
• Strong ownership mindset with control-oriented thinking
• Ability to balance engineering pragmatism with regulatory rigor
• High integrity and commitment to resilience, security, and compliance
• Excellent cross-functional leadership and stakeholder management skills
Why Join Us
This role is critical to building next-generation sovereign financial infrastructure, offering the opportunity to:
Job ID: 145671625
