Access Management & Compliance Analyst
British American Tobacco
- Selangor
- Permanent
- Full-time
- Peer group and internal customers across IDT Services
- Audit and compliance groups
- Service Architecture
- 3rd Party Vendors -supplier relationships focused on operational / project activities.
- Deliver to day-to-day work streams related to IT SOx compliance across application/infrastructure IT controls.
- Monitor, track and review performances of centrally operated IT controls under Compliance Operations. Performances and action plans to be reported to Compliance Manager on a regular basis.
- Collaborate and handle compliance discussions with IT System owners, and Internal/External Control Operators to ensure quality, consistency, and operability of new and existing controls.
- Produce structured and insightful analysis of where to remediate areas of non-compliance to the various existing control frameworks in place within BAT; Work with service owners and 3rd party vendors to resolve remediations until closure.
- Participation in SOx Design Effectiveness (DE) and Operational Effectiveness (OE) testing of centrally operated SOx and IT General Controls (ITGC).
- Lead and track audit change request, and standard control operation queries with BCT Auditors and DBS Risk and Compliance Team.
- Facilitate and drive discussions on new system onboarding and offboarding for centrally operated SOx and ITGC
- Manage operations repository and evergreening of compliance operations documentation (Sox evidence, Standard Operating Procedures (SOP), work instructions, reconciliation reports etc)
- Participate and/or drive Continuous Improvement initiatives and projects pertaining to Access Management controls.
- Work closely with HR and GBS HR to support the JML service model and the necessary governance for JML, aligned with agreed global, standardised IT Service Management processes.
- Degree Educated, 6-8 years post graduate work experience in an IT Services environment and /or business facing IT role.
- More than 3 years experience in audit and compliance specially in the domain of Access Management control execution and testing
- Experience in large global organisation using in-sourced and out-sourced IT service providers, and a solid grasp of the management of global applications services
- Well-versed in handling IT controls or any access compliance experience.
- Resourceful, able to work independently and possess good communication skills
- Process oriented and hands on with high level of attention to details and accuracy.
- Proficient in data analysis and reporting on MS Excel
- Good IAM (Identity and Access Management) knowledge on Active Directory, MIM and Azure AD
- Good understanding on Application or Infrastructure compliance for a large corporation.
- Strong knowledge of ITIL best practice IT Service Management with experience in ServiceNow
- CISA (Certified Information Systems Auditor)/ ITIL certification
- Operations experience in handling SOx Controls
- Global Top Employer with 53,000 BAT people across more than 180 markets
- Brands sold in over 200 markets, made in 44 factories in 42 countries
- Newly established Tech Hubs building world-class capabilities for innovation in 4 strategic locations
- Diversity leader in the Financial Times and International Women's Day Best Practice winner
- Seal Award winner - one of 50 most sustainable companies