Praca: IT Controls Manager
At JTI we celebrate differences, and everyone truly belongs. 46,000 people from all over the world are continuously building their unique success story with us. 83% of employees feel happy working at JTI.
To make a difference with us, all you need to do is bring your human best.
What will your story be? Apply now!
Learn more: jti.com
Primary responsibilities of the "IT Controls Manager" are the ongoing maintenance and improvement of JTIs global internal controls framework, including IT controls. As a Japanese-listed multinational Company, JTI must comply with JSOX (Sarbanes Oxley equivalent) reporting, which requires managing the overall JSOX control framework (Finance and IT controls), performing self-assessment processes, liaising with internal & external auditors and remediating any issues highlighted.
The role reports directly to JTI HQ and the work demands a substantial understanding of IT processes. Regular cross-functional collaboration with all levels of management will be required to perform the role effectively.
Furthermore, the individual will also support the wider Corporate Controlling Team with Agile Project Support.
- IT Controls Design – lead the design and implementation of IT Security controls across the organization, ensuring alignment with JSOX requirements and broader Corporate Policies and Procedures
- Access Management – oversee the controls related to access management, including provision, deprovisioning, and monitoring user access to ensure proper Segregation of Duties and prevent unauthorized access
- Change Management – manage IT change management controls to ensure that all changes to IT systems, application, and infrastructure are reviewed, approved, and documented in compliance with JSOX and IT Policies
- Operational controls – ensure operational IT controls are in place to support day-to-day function, including regular monitoring, backup processes
- Segregation of Duties – manage Segregation of Duties ruleset for SAP and non-SAP systems
- Control Assessment – oversee internal processes related to management self-assessment of internal security controls and JSOX remediation process
- JSOX Compliance – conduct comprehensive reviews of projects to ensure that they adhere to JSOX and IT control requirements
- Collaboration – work with cross-functional teams including Information Security, Identify and Access Governance, SAP Functional Consultants, Compliance, IT JSOX Coordinators, and External and Internal Auditors to ensure that security and control framework are integrated into day-to-day operations
- Reporting - preparation of the presentations and reports for Senior Management based on the obtained requirements
- Competitive pay and attractive annual bonus
- On-going development opportunities in multinational environment, wide variety of projects, ambitious goals and independence in achieving them. Promoting from within culture
- Freedom with responsibility (we trust your competencies, ability to manage your time and your scope of work)
- Lot of flexibility in terms of work arrangements (work from office or from home)
- Private medical care (various options to choose) and life insurance
- Employee pension and savings programs
- JTI Family Leave Benefit – including extended paid paternity leave and fully paid maternity leave
- Multisport card, foreign languages classes
- Wide variety of trainings, webinars and professional courses on our e-learning platforms, including sponsored certification programs (for employees fulfilling the admission criteria)
- Modern office with traditions (Art Norblin Factory) in convenient location, equipped with a library, mindfulness zone, spacious kitchen, garden terrace, massage chairs and underground bicycle parking
- Working in a diverse and inclusive organization of 43 different nationalities
- medical care
- pension plan
- life insurance
- Multisport card
- family leave
- Independent, structured, and process-oriented person with strong self-confidence and good communication skills
- Have an analytical mindset with excellent prioritization and time, self-management skills
- Have a University Degree in relevant field
- Understanding of security frameworks (ISO 27001, NIST, COBIT, etc.)
- Familiarity with ITIL practices,
- Experience in managing internal and external audits and providing control evidence.
- Professional Qualification is a plus (CISA, CISM, CRISC, CISSP, CC, CIA, ITIL)
- Have at least 5 years of work experience
- Have confidence with Excel and at least basic knowledge about BI application
- Are fluent in English (written and verbal). Any other language is an asset
- Have a proficient knowledge of SAP Security or SAP Function module on-hand experience is required
If you decide to participate in this recruitment, the administrator of your data will be JTI GBS Poland sp. z o.o. with headquarters in Warsaw. Your data will be processed only to support the recruitment process in which you participate. Detailed information on the processing of your data here.
JTI GBS Sp. z o.o. has introduced an Internal Reporting Procedure for Whistleblowers. If you would like to review this procedure, it is available upon request.