Manager, Internal Controls GRC Security

Lake County, IL, US
May 30, 2019
Required Education
Bachelors Degree
Position Type
Full time

The Internal Controls GRC Security Manager will be responsible for controls governing segregation of duties and sensitive access and will report to the Director, Internal Controls CoE. They will utilize knowledge of SAP security frameworks and be able to discuss detailed technical aspects of security with programmers and system administrators and explain the Business and Finance implications to multiple layers of Management.

Key Responsibilities Include:

  • Monitor risks that arise from user access and coordinate with Global Process Leads (GPLs) to remediate or mitigate risk
  • Maintain the segregation of duties and sensitive access rule set through annual certification and triggering event reviews
  • Manage the mitigation of user access risks upon access requests
  • Report to various levels of management on user access risks and remediation efforts
  • Proactively analyze and understand the risks associated with access, provide solutions to eliminate/reduce exposure
  • Review third party SOC1 reports, including, but not limited to analysis of any exceptions and impact on control environment
  • Propose and implement process improvements to improve effectiveness and efficiency





  • Bachelor's Degree in Computer Science, Information Technology or related field
  • 6+ years of progressive Internal Controls/IT Auditing experience
  • SAP GRC Technical knowledge
  • Project Management skills
  • Proficiency in Microsoft Office tools (e.g., Excel, PowerPoint, and Word)
  • Strong communication skills (verbal and written) and ability to collaborate across functions
  • Ability to identify process improvement opportunities and aptitude for continuous improvement and change
  • Knowledge of business processes across Finance and Information Technology


Key Stakeholders



  • Corporate Controller's organization, Business Technology Solutions, Global Process Leads
  • Internal and external audit