Lead ? Governance Risk and Controls (GRC) SAP Implementation
Lead, Governance Risk and Controls SAP Implementation, Loveland CO, USWhy work at Nutrien Ag Solutions? Great question!Safety is a core value at Nutrien Ag Solutions. Keeping every employee safe, healthy and secure is our top priority. Nothing is more important than seeing our people go home safe at the end of every single day.While working here you will have the opportunity to grow your career while helping us feed the future. We pride ourselves in hiring from a variety of backgrounds and truly believe that it is our differences that make us stronger so we hope you will join us.In addition to exciting and challenging opportunities, Nutrien Ag Solutions offers competitive salaries, great benefits and performance based incentives.Outside of the skills and necessary qualifications, you will be committed to sustaining our safe and positive work environment while welcoming working side by side others in a diverse culture. Culture at Nutrien Ag Solutions is the core of everything we do and all employees are respectful of diverse opinions and views. Position Summary: Leverage a top-down risk based approach to design internal controls over regulatory and operational controls based on the future-state of SAP S/4 HANA business processes. The goal for controls design is to maximize opportunities to increase reliance on automated controls. Enable Governance Risk and Controls (GRC) & Process Controls (PC) to support compliance with the new control structure defined as part of Project Foundation. This position reports to the SAP Implementation Project Management Office (PMO). Key Tasks:Regulatory and Operational Controls:Understand current state framework and compliance processes for operational and regulatory controls Establish controls project plan, and role and responsibilities matrix (RACI) for Retail, Corporate harmonizing with Project FoundationPerform risk assessment, and identify key operational and regulatory risk (i.e., define scope)Map existing operational and regulatory controls to the processes and functional areas in scope for Project Foundation and perform fit gap analysisFacilitate sessions with process and control owners to review and validate draft operational and regulatory control mapping and applicability to the newly defined SAP processesDesign new regulatory and operational controls based on the gaps identifiedDetermine ownership for the identified operational and regulatory controlsReview configuration design documents, SAP configurations, identify/review list of anticipated key reports requiredAlign the Project Foundation control testing strategy and approach for operational and regulatory controls testingReview controls-related test cases and provide script feedback to ensure controls are being properly testedOperational and regulatory defect managementFinalize regulatory and operational risk and control matrices and update the master RACMUpdate/Create project and controls documentation with controls, including control process flowsSupport creation of training material and align with change management team on training strategy/deliverySAP GRC Process Control:Update the overall GRC strategy document to include PC strategy, including establishing testing strategy and protocols, training strategy and protocols, knowledge transfer plans and project communication protocols for PC teamSupport master data definition workshops around master data design and requirements, review of missing data elements in the risk and control matrix (RACM) and design of GRC PC control catalogSupport the definition of controls for Continuous Control Monitoring (CCM)Support design workshops for PC workflow processes, business rule naming conventions and establishing roles and responsibilities (RACI)Support design workshops for identifying and designing CCM rules, identifying required data sources, connectors, filters, conditions, etc.Confirm the build of the centralized, risk and controls repository and integration between SAP GRC Access Control (AC) and PC to link mitigating controls to segregation of duties rule violations set-upConfirm CCM build to cover control requirementsSupport the definition of test cases and test scriptsExecute testing scenarios across the various testing cycles and support test defect managementSupport creation of training material and support training execution based on defined strategy with the change management team (e.g., GRC PC functional administrator training session(s), GRC PC technical administrator training session(s), and end-user train-the-trainer session(s))Support cutover and deployment tasks, as neededQualifications:4+ years of experience in leading mid to large governance, risk and compliance and/or SAP security risk management programsFamiliarity with SOX, PCAOB, regulations specific to the Agricultural Chemicals industry, GDPR, PCI etcSolid understanding of business and IT processes, risks and controls (e.g.: access controls, business process controls, ITGC, regulatory controls, operational controls, application controls, interface controls)Bachelor’s degree required, preferred in a finance-related fieldExperience in using risk and controls framework (e.g.: COBIT, COSO) and related SAP GRC toolsExperience in process and controls mapping methodologiesDeep understanding of designing and deploying automated GRC capabilities and overseeing teams who run and manage these toolsetsUnderstanding of IT infrastructure, risk and compliance including cloud security challenges and controlsStrong management and leadership skillsStrong communication, influencing, collaboration and decision making skillsNutrien Ag Solutions, a Nutrien Company, is committed to creating an inclusive workplace. We encourage applications from all well qualified candidates who reflect the diversity of the regions where we operate. This includes recognizing the voluntary identification of status such as gender, sexual orientation, visible minority, Indigenous status, persons with disabilities, and veterans, where applicable. If this sounds like a good match, apply now. You may be required to undergo a background check and substance test in accordance with Nutrien Ag Solution policies.While we appreciate all applications we receive, we advise that only candidates under consideration will be contacted. **EOE race/color/sex/sexual orientation/gender identity/disability/veteranApply for this job.