Senior Advisor - GRA

The Governance, Risk and Control team ensures effective execution and continuous improvement of IT General Controls (ITGC), focusing on access management and segregation of duties (SoD). This involves implementing internal controls for regulatory compliance, conducting risk assessments for IT risks and control gaps, and collaborating on mitigation strategies. The role requires expertise in ongoing compliance and enhancing control process efficiency and effectiveness.

Must Have

• Execute testing for IT General Controls (ITGC) with primary focus on access and SoD related controls.
• Implement internal controls to ensure compliance with access and SoD requirements, ITGC controls.
• Continuously review new SAP access control and ensure higher degree of compliance status.
• Follow-up with stakeholders on risk mitigation control and performance.
• Conduct risk assessments to identify critical systems, potential IT risks and control gaps.
• Assist in execution of identified areas for improvement in ITGC processes.
• Monitor and follow up with stakeholders to ensure timely remediation of identified risks and issues.
• Assist the manager in ensuring compliance with access governance.
• Master’s degree or equivalent, preferably in information technology or related field.
• At least 4 years of overall experience and a minimum of 1 year in IT audits and ITGC/ITAC testing.
• Strong GRC background with understanding and working knowledge of ITGC key domains.
• Experience in Risk, Controls and Compliance or Internal Audits.
• Experience with assessing, designing, and implementing generic and SAP controls.
• Good understanding of Segregation of Duties frameworks and mitigating control assignment.
• Working knowledge in Microsoft applications.
• Detail-oriented with strong documentation and communication skills.

Good to Have

• An advanced degree or certifications like CISA, CRISC, or similar certifications.
• Functional Knowledge of SAP GRC tool and RSA Archer.
• Experience working in MNC or Big4 environments with multiple stakeholders across the globe.

The Governance, Risk and Control team is responsible to ensure the effective execution and continuous improvement of IT General Controls (ITGC), with a focus on access management and segregation of duties (SoD). This involves implementing internal controls to ensure compliance with regulatory requirements, conducting risk assessments to identify potential IT risks and control gaps, and collaborating with cross-functional teams to develop mitigation strategies. The role requires expertise in executing the ongoing compliance and improving the efficiency and effectiveness of control processes.

Key Responsibilities

• Execute testing for IT General Controls (ITGC) with primary focus on access and SoD related controls as per annual validation plan
• Implementation of internal controls to ensure compliance with the access and SoD requirements, ITGC controls and compliance requirements or other rules and regulations
• Continuous review of new SAP access control when needed. Take up effective discussions with Business Process owners, and Compliance, Execution teams and ensure higher degree of compliance status is achieved
• Follow-up with stakeholders on risk mitigation control and performance
• Conduct risk assessments to identify critical systems, potential IT risks and control gaps, and work with cross-functional teams to develop mitigation strategies
• Assist in execution of identified areas for improvement in ITGC processes and recommend enhancements to increase efficiency and control effectiveness
• Support the development and delivery of training and awareness programs for control performers related to ITGC and ITAC
• Monitor and follow up with stakeholders to ensure timely remediation of identified risks and access & SoD related issues
• Assisting the manager in ensuring compliance with access governance

Required Experience & Skills:

• Ability to work as an individual contributor
• Master’s degree or equivalent, preferably in information technology or related field
• At least 4 years of overall experience and a minimum of 1 years in IT audits and ITGC/ITAC testing
• An advanced degree or certifications like CISA, CRISC, or similar certifications will be an added advantage
• Candidate with strong GRC background having an understanding and working knowledge of ITGC key domains with a focus on access management & SoD and IT Application Controls (ITAC)
• Functional Knowledge of SAP GRC tool and RSA Archer will be an added advantage
• Experience in Risk, Controls and Compliance or Internal Audits
• Experience with assessing, designing, and implementing generic and SAP controls with a focus on automated, configurable controls
• Good understanding of Segregation of Duties frameworks and mitigating control assignment
• Working knowledge in Microsoft applications
• Detail-oriented with strong documentation and communication skills
• Experience working in MNC or Big4 environments with multiple stakeholders across the globe will be an added advantage

Personal Characteristics:

• Able to consistently demonstrate & live cultural dimensions of Simplicity, Focus & Teamwork
• Good team player as part of GRC team for GSC with a positive attitude