IT Compliance & GRC Senior Analyst
- Bocskai út 134-146. Dorottya udvar, Budapest, Hungary
Viacom is home to the leading portfolio of global, multi-platform entertainment brands. Through television, film, digital content, live events, merchandise, studio production and more, we connect with billions of people in nearly every country in the world.
The IT Compliance & GRC Senior Analyst has a dual role with responsibility for day to day administration of the SAP GRC compliance module, in addition to their primary responsibility of supporting the IT compliance program which includes testing of controls, documentation of IT processes, providing remediation recommendations, and supporting IT compliance and governance projects including system pre-implementations. The position reports to the IT Compliance Manager in Budapest.
- Support overall compliance efforts of department; may include project management
- Assist various local and IT stakeholders with compliance issues and inquiries
- Work closely w/ auditors to address control and SOX matters
- Support system pre-implementation process to ensure that the proper projects are identified and that key system receive a pre-implementation review prior to go live per Viacom policy.
- Ensure identification of system projects
- Participate as project lead or working team member as assigned
- Ensure controls are designed properly and assess SOX impacts
- Monitor post go-live activities as needed
Process Documentation & Walkthroughs:
- Annual walkthroughs of IT controls and business processes with critical IT systems.
- Preparation of key system documentation and respective annual updates.
Quarterly Testing & Reporting:
- Perform quarterly testing and reporting of key systems.
- Escalate Compliance related issues or concerns
- Prepare and maintain IT Compliance reporting
SAP GRC Administration:
- Owner and administrator of SAP GRC (currently on GRC 10.1 SP22)
- Review SOD conflicts related to user access requests and assign mitigating controls.
- Work closely w/ SOX team to ensure mitigating controls are appropriate and still relevant
- Maintain rule set and assess new and/ or custom t-codes for rule-set impact. Update rule-set as needed, following change management protocols.
- Perform analysis on role configurations, queries of usage tables, etc. as needed.
- Collaborate with Security team on new role design/ modifications to ensure no SOD issues
- Controls: Maintain application controls as required by SOX. Provide control support to auditors (internal and external) for testing, walkthroughs, etc.
- Change Management - process change requests for modifications to the application configuration. Work w/ IT on successful installation and testing of upgrades/patches/ etc..
- Documentation: Develop and maintain documentation of the application, including policies and procedures to enable standard execution of tasks
- Strong technical skills
- Knowledge of IT processes and Information Security risks and controls (e.g. access controls, segregation of duties issues, ITGC change management controls, application controls, interface controls)
- IT control testing and ability to design IT controls for new systems (access, change management, SOD, etc)
- Excellent time management and organizational skills
- Self motivated individual; action oriented; results driven
- Problem solving ability
- Ability to work independently and perform multiple concurrent and diversified tasks effectively
- Ability to take ownership of projects and drive them through to completion
- Speak and write clearly and effectively in English
- Prior SAP GRC administration experience a must
- Big 4 public accounting audit experience
- Bachelor’s Degree in Information Technology or Computer Science
- CISA (Certified Information Systems Auditor), CISSP or CISM or local equivalent
We believe you will enjoy working with us because:
- You can be part of an exciting sector,
- We are dedicated and enthusiastic about our job.
And some extras we offer:
- Award-winning office,
- Open, inclusive community,
- Massage chair,
- Fruit days,
- Viacom Pub and other regular events (Spark, Spark Life, Viacommunity Day, etc.),
- Opportunity to visit taping of locally produced tv-shows.
„ By applying for this role I hereby state that I read and understood Viacom’s recruitment related privacy notice („Notice”, https://www.viacom.com/recruitment-privacy-notice-eea-switzerland ) and that I accept the Notice’s conditions. I hereby give my consent for Viacom to process my above indicated personal data (name, telephone number, e-mail address, etc.) and the additional personal data that may be included in my CV and cover or motivation letter in the course of the recruitment related procedure for the purposes set forth in the Notice (primarily the evaluation of the applications submitted for the respective job advertisements).”