Global Finance It And Sod Controls Manager

RESPONSIBILITIES

• Conduct risk assessments of IT systems, processes, and controls to identify vulnerabilities, weaknesses, and areas for improvement. Review and analyze user access rights, permissions, and roles in enterprise systems to ensure compliance with Segregation of Duties (SoD) requirements and least privilege principles
• Develop and maintain a comprehensive Sensitive Access and SoD framework, including procedures, and guidelines, to ensure identification of sensitive access and the separation of incompatible duties across business processes and systems
• Collaborate with key stakeholders, including IT, Security, Finance, Human resources, and operational teams, to deploy the SA/SoD framework, allowing to detect conflicts, identify mitigating controls and develop appropriate resolutions
• Collaborate with IT and Security teams to integrate segregation of duties and sensitive access controls within access management program, including definition and configuration of supporting GRC tools
• Develop and contribute to implement IT internal control policies, procedures, and guidelines to ensure compliance with regulatory requirements, industry standards, and best practices
• Collaborate in designing and implementation of IT General Controls and Business Process automation, as well as risk mitigation strategies and action plans to address identified risks and strengthen internal controls
• Document process narratives, flowcharts, control matrices, and other documentation related to IT internal controls
• Coordinate with internal and external auditors to facilitate IT General Control and SoD compliance audits including planning, testing, reporting, and remediation
• Promote a culture of compliance and accountability. Develop and deliver SoD/ITGC training and awareness programs for employees and stakeholders
• Stay informed about changes in regulatory requirements, industry standards, and best practices related to SoD controls and access management as well as about emerging trends, technologies, and regulatory developments in the IT governance and internal control landscape
• Participate in cross-functional projects and initiatives to enhance IT and business processes and controls, including system implementations, automations, and migrations.
• Provide guidance and support to process owners and teams on moving from manual to automated controls by developing the specific design of the controls and supporting their implementation
• Prepare reports and presentations on the status of IT internal controls, SoD compliance, audit findings, and remediation efforts for senior management and the Audit Committee

WHAT WE ARE LOOKING FOR

• Bachelor\’s degree in information technology, computer science, business administration, or a related field; advanced degree (e.g., MBA) preferred
• Certified Information Systems Auditor (CISA, CISSP) or other relevant certifications in IT governance, risk, and compliance preferred
• Proven experience (5+ years) in SoD management, access controls, IT internal control, or IT audit, preferably in a regulated industry or public company environment
• Strong understanding of IT controls frameworks, such as COBIT, ITIL, and NIST, and their application to IT processes and systems
• Knowledge of regulatory requirements related to IT governance and security, such as SOX, GDPR, HIPAA, and PCI DSS
• Experience with Governance, Risk & Compliance tools, identity and access management (IAM) systems, and enterprise resource planning (ERP) systems preferred
• Experience with IT audit methodologies, tools, and techniques for assessing IT controls and conducting IT audits
• Excellent analytical, problem-solving, and project management skills, with attention to detail and accuracy
• Strong communication and interpersonal skills, with the ability to collaborate effectively with IT teams, business stakeholders, and auditors
• Proficiency in Microsoft Office Suite, including Excel, Word, and PowerPoint