Summary:
Are you energised by a high-profile Risk management & Controls role that allows you to shape risk and controls programs and challenge organisational thinking to make informed business decisionsIf so, this Technology Risk and Governance role could be an exciting opportunity to explore.
Within the Global Finance organisation, Finance Risk Management & Controls (FRMC), the Finance 2nd line team, is key to determining the level of risk which is acceptable to the organisation while developing business and operational opportunities.
This global role leverages deep expertise in IT risks and controls to manage and oversee the Finance IT control environment. The Director is charged with ensuring robust governance, monitoring, and continuous improvement of IT risks impacting financial controls, including SOX compliance, transformation, and the integration of innovative solutions such as RPA and data analytics. This role requires seamless collaboration with the Digital & Technology (D&T) organisation, Finance, and external audit teams to deliver strategic objectives, mitigate risks, and drive operational excellence.
Role Responsibilities:
-
Oversight: Partner with the D&T leadership team and Sox Ops team to ensure combined oversight of the quality of IT Sox testing in order to meet the Finance requirements. Lead on IT Application Controls, BOTS, interface controls, and key reports used in controls to ensure compliance with established frameworks and regulatory requirements. Accountable for the relevant SOX Board papers preparation including status update on SOX testing results and progress of remediation activities.
-
Scoping: Lead the scoping for Finance on the technology relevant for SOX purposes, ensuring that all relevant IT systems and processes are thoroughly evaluated for risk and control implications.
-
Leadership in Change & Transformation: Provide leadership and support to change and transformation projects that address technology risks and business risks, including M&A activities, to ensure Finance 2nd line objectives are met.
-
Governance of RPA in Finance: Establish and oversee governance protocols for robotic process automation (RPA) embedded in Finance, including new implementations and changes to existing RPAs.
-
Collaboration & Partnership: Interface with the Digital & Technology organisation and partner and influence the D&T leadership team and GRC team to monitor IT risks relevant to the Finance control environment, driving collaboration and accountability.
-
IT Governance Representation: Act as an integral member of IT governance forums, influencing decision-making and ensuring Finance s voice is represented.
-
SOX Maturity Programme: Support the execution of the D&T SOX Maturity Programme, representing the Finance organization and ensuring Finance leadership is overseeing the delivery of required actions and milestones.
-
SAP S4 Hana Implementation: Provide oversight and support for the design and implementation of SAP S4 Hana, ensuring SOX IT control design aligns with Finance requirements.
-
Key IT Controls: Oversee the execution of key IT controls, such as Finance SOD monitoring controls, to safeguard the Finance control framework.
-
Risk Lens in Business Walkthroughs: Support business walkthroughs with an IT risk and control perspective, enabling informed decisions and risk mitigation.
-
Continuous Improvement: Lead continuous improvement initiatives in the control framework, leveraging enabling technologies and continuous control monitoring to enhance processes and reduce risks.
-
Data Analytics Strategy: Design and oversee the data analytics strategy for the FRMC team, supporting initiatives that enhance data-driven decision-making and risk assessment.
Qualifications and Skills
-
15+ years experience
-
Experience at Big 4 (Deloitte, EY, KPMG, PWC)
-
SAP and Cloud infrastructure experience
-
Understanding of information security technologies
-
Experience of internal and/or external regulatory, Sarbanes-Oxley environment and technology industry standards
-
Experience and understanding of financial reporting risks and controls
-
Required Licenses/Certifications: CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), CA/CPA (Chartered Accountant/Certified Public Accountant) or equivalent
Care to join us. Find out what life at Haleon is really like www.haleon.com/careers/
.
