Lead, Governance Risk and Controls SAP Implementation, Loveland CO, US
Why work at Nutrien Ag Solutions? Great question!
Safety is a core value at Nutrien Ag Solutions. Keeping every employee safe, healthy and secure is our top priority. Nothing is more important than seeing our people go home safe at the end of every single day.
While working here you will have the opportunity to grow your career while helping us feed the future. We pride ourselves in hiring from a variety of backgrounds and truly believe that it is our differences that make us stronger so we hope you will join us.
In addition to exciting and challenging opportunities, Nutrien Ag Solutions offers competitive salaries, great benefits and performance based incentives.
Outside of the skills and necessary qualifications, you will be committed to sustaining our safe and positive work environment while welcoming working side by side others in a diverse culture. Culture at Nutrien Ag Solutions is the core of everything we do and all employees are respectful of diverse opinions and views.
Leverage a top-down risk based approach to design internal controls over regulatory and operational controls based on the future-state of SAP S/4 HANA business processes. The goal for controls design is to maximize opportunities to increase reliance on automated controls. Enable Governance Risk and Controls (GRC) & Process Controls (PC) to support compliance with the new control structure defined as part of Project Foundation. This position reports to the SAP Implementation Project Management Office (PMO).
Regulatory and Operational Controls:
- Understand current state framework and compliance processes for operational and regulatory controls
- Establish controls project plan, and role and responsibilities matrix (RACI) for Retail, Corporate harmonizing with Project Foundation
- Perform risk assessment, and identify key operational and regulatory risk (i.e., define scope)
- Map existing operational and regulatory controls to the processes and functional areas in scope for Project Foundation and perform fit gap analysis
- Facilitate sessions with process and control owners to review and validate draft operational and regulatory control mapping and applicability to the newly defined SAP processes
- Design new regulatory and operational controls based on the gaps identified
- Determine ownership for the identified operational and regulatory controls
- Review configuration design documents, SAP configurations, identify/review list of anticipated key reports required
- Align the Project Foundation control testing strategy and approach for operational and regulatory controls testing
- Review controls-related test cases and provide script feedback to ensure controls are being properly tested
- Operational and regulatory defect management
- Finalize regulatory and operational risk and control matrices and update the master RACM
- Update/Create project and controls documentation with controls, including control process flows
- Support creation of training material and align with change management team on training strategy/delivery
SAP GRC Process Control:
- Update the overall GRC strategy document to include PC strategy, including establishing testing strategy and protocols, training strategy and protocols, knowledge transfer plans and project communication protocols for PC team
- Support master data definition workshops around master data design and requirements, review of missing data elements in the risk and control matrix (RACM) and design of GRC PC control catalog
- Support the definition of controls for Continuous Control Monitoring (CCM)
- Support design workshops for PC workflow processes, business rule naming conventions and establishing roles and responsibilities (RACI)
- Support design workshops for identifying and designing CCM rules, identifying required data sources, connectors, filters, conditions, etc.
- Confirm the build of the centralized, risk and controls repository and integration between SAP GRC Access Control (AC) and PC to link mitigating controls to segregation of duties rule violations set-up
- Confirm CCM build to cover control requirements
- Support the definition of test cases and test scripts
- Execute testing scenarios across the various testing cycles and support test defect management
- Support creation of training material and support training execution based on defined strategy with the change management team (e.g., GRC PC functional administrator training session(s), GRC PC technical administrator training session(s), and end-user train-the-trainer session(s))
- Support cutover and deployment tasks, as needed
- 4+ years of experience in leading mid to large governance, risk and compliance and/or SAP security risk management programs
- Familiarity with SOX, PCAOB, regulations specific to the Agricultural Chemicals industry, GDPR, PCI etc
- Solid understanding of business and IT processes, risks and controls (e.g.: access controls, business process controls, ITGC, regulatory controls, operational controls, application controls, interface controls)
- Bachelor’s degree required, preferred in a finance-related field
- Experience in using risk and controls framework (e.g.: COBIT, COSO) and related SAP GRC tools
- Experience in process and controls mapping methodologies
- Deep understanding of designing and deploying automated GRC capabilities and overseeing teams who run and manage these toolsets
- Understanding of IT infrastructure, risk and compliance including cloud security challenges and controls
- Strong management and leadership skills
- Strong communication, influencing, collaboration and decision making skills
Nutrien Ag Solutions, a Nutrien Company, is committed to creating an inclusive workplace. We encourage applications from all well qualified candidates who reflect the diversity of the regions where we operate. This includes recognizing the voluntary identification of status such as gender, sexual orientation, visible minority, Indigenous status, persons with disabilities, and veterans, where applicable.
If this sounds like a good match, apply now. You may be required to undergo a background check and substance test in accordance with Nutrien Ag Solution policies.
While we appreciate all applications we receive, we advise that only candidates under consideration will be contacted.
**EOE race/color/sex/sexual orientation/gender identity/disability/veteran