The following content displays a map of the jobs location - Welwyn Garden City
Technology Risk and Compliance Manager
Job Reference tesco/TP/10683609/894127
What’s in it for you
We’re all about the little helps. That’s why we give our wonderful colleagues bags of benefits. Including wellbeing services, an award-winning pension scheme and much, much more, our colleague reward package keeps on giving. And helps make every day a little better for you and your family. These include but are not limited to:
- Annual bonus scheme of up to 20% of base salary
- Holiday starting at 25 days plus a personal day (plus Bank holidays)
- Buy holiday salary sacrifice scheme (for salaried roles)
- Private medical insurance
- Retirement savings plan - save between 4% and 7.5% and Tesco will match your contribution
- Life Assurance - 5 x contractual pay
- 26 weeks maternity and adoption leave (after 1 years’ service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 4 weeks fully paid paternity leave
- The right to request flexible working from your first day with us
- Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
- A Colleague Clubcard for you & a family member (after 3 months of service), giving you access to lots of discounts in-store & online
- Great colleague deals and discounts, saving you money on everyday purchases, eating out and utility bills for the home
- Access to our colleague networks providing a space for colleagues to come together from a range of backgrounds. For more information about our colleague networks please click here
- Opportunities to get on - take advantage of our ongoing learning opportunities and award-winning training, to help you achieve the job and career you want
Click Here to read more about the full range of benefits we have available for our colleagues
About the role
This is a fantastic opportunity to join Tesco's Cyber Risk function to lead the end-to-end delivery of high quality testing and assessment activities related to IT General Controls (ITGCs) and Application Controls (ITACs) in support of our Internal Controls over Financial Reporting (ICFR) management assurance/attestation programme.
You will be responsible for
- Lead IT controls testing for assigned portfolio of controls/stakeholders to deliver to agreed time and quality standards
- Perform IT risk assessments for new technologies, draft IT process narratives and build Risk and Control Matrices
- Review ITGC testing in areas such as Access Management, Change and Release Management, Incident Management, for a broad range of technologies ranging from mainframes to cloud based applications.
- Review the assessments performed over automated controls and key reports across multiple business processes such as Procure-to-Pay, Order-to-Cash, Financial Statement Close Process, etc.
- As required, support ITGC testing activities in areas such as Access Management, Change and Release Management, Incident Management and SOC Report Reviews as well as testing of IT Application Controls (ITACs), IT Dependent Manual Controls (ITDM) and Key Reports"
- Assess the impact of deficient controls and lead the assessment of compensating controls.
- Build, communicate, measure and optimize the remediation plan for deficient controls.
- Support IT risk/control owners in understanding their ICFR responsibilities.
- Manage stakeholder relationship and lead internal meetings with Technology and Business Process teams.
You will need
- Strong experience with SOX / IT Internal Controls audit, implementation and design improvement
- Strong knowledge of IT auditing concepts and principles alongside understanding of IT General Controls, IT Automated Controls and IT-Dependent Controls
- Experience in performing IT risk assessments and building Risk and Control Matrices for a broad range of technologies.
- Knowledge of Financial Reporting, Corporate Governance and core financial end to end processes such as Customer to Cash, Procure to Pay, Record to Report
- SME level expertise in respect to information security (at least two domains of expertise) risk management processes, frameworks and regulatory aspects
- Experience of managing workstreams to deliver in line with time/quality expectations
- Able to adapt to suit the needs of the business and agile in approaching challenging scenarios
- Able to interpret and explain broader business risks to technology colleagues (and technology risks to business colleagues)
- Able to lead meetings with a broad range of internal and external stakeholders
- Strong written, verbal communication and presentation skills - ability to pitch to different levels of seniority and disciplines within the organisation
- Critical thinking with strong attention to detail and good organisational skills
- Able to build solid working relationships with peers as well as internal and external stakeholders
- Able to work with teams from differing backgrounds across multiple locations
About us
Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is ‘Serving our customers, communities and planet a little better every day’. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.
We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We’re proud to have been accredited Disability Confident Leader and we’re committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here.
We’re a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate. If you are applying internally, please speak to the Hiring Manager about how this can work for you - Everyone is welcome at Tesco.