Position Title:  Sr Analyst Internal Controls-SAP GRC

Be a part of a revolutionary change

At PMI, we’ve chosen to do something incredible. We’re totally transforming our business and building our future on and building our future on one clear purpose – to deliver a smoke-free future.

With PMI’s journey towards a smoke-free future and a consumer-centric organization, the company faces new opportunities and risks. To safeguard the company’s business objectives and protect against emerging uncertainties, a highly professional risk management and internal controls practice is required. The Senior Analyst Internal Controls – SAP GRC is responsible for maintaining and administering the SAP GRC system, executing risk management and internal control activities, and driving continuous improvement initiatives.

Your Day to Day

• Maintain and administer the SAP GRC system, update the Business and IT rule Matrix, execute periodic user access reviews, and provide support and training to users.
• Execute ongoing risk management and internal control activities, including Continuous Control Monitoring (CCM) framework maintenance and SOX control execution.
• Identify opportunities for centralization, optimization, and automation of Internal Controls activities.
• Manage SAP GRC relevant risks and incidents across business and IT streams for Run and Support and Project activities as part of the CCM global coordination role.
• Provide training and support on SAP GRC and SAP security technical know-how, business process knowledge, and governance experiences.
• Contribute to process and system improvements, ensuring they adapt to changing environments.
• Promote and apply guidelines, methodologies, and initiatives set by PMI IC and PWC to improve business process controls, security, and reliability of information systems.
• Maintain CCM control frameworks and reporting, foster communication among business and IT teams, and ensure compliance with SOX and other directives.
• Deliver periodic IC activities for System Support and Maintenance, including change management of enhancements and upgrades.

What are we looking for:

• University degree in IT, Computer Science, or related field. Optional certifications such as Certified in SAP GRC/SAP Security, Certified Information Systems Auditor (CISA), or Governance Risk Compliance Professional (GRCP) Certification.
• 5+ years of experience in SAP GRC solution deployment, advisory, or administration, Enterprise Risk Management, Internal Controls, IS Audit, Identity and Access Management, Cybersecurity, or a combination of these areas.
• Fluent written and verbal English business professional language skills.
• Skills:
  • SAP GRC system maintenance and other access/process control monitoring tools.
  • SAP Security and user access/identity management tools.
  • Business role design and maintenance.
  • Definition and maintenance of conflicting and sensitive access rules.
  • Experience with digitization and agile (SCRUM) transformation projects.
• Technical Skills: Hands-on experience with SAP (security/role setup) and GRC technology solutions (IBM OpenPages, SAP GRC), and proficiency with Microsoft Office Suite (PowerPoint, Teams, SharePoint, Word, Excel).

What we offer

Our success depends on our talented employees who come to work here every single day with a sense of purpose and an appetite for progress. Join PMI and you too can:

•    Seize the freedom to define your future and ours. We’ll empower you to take risks, experiment and explore.

•    Be part of an inclusive, diverse culture, where everyone’s contribution is respected; collaborate with some of the world’s best people and feel like you belong.

•    Pursue your ambitions and develop your skills with a global business – our staggering size and scale provides endless opportunities to progress.

•    Take pride in delivering our promise to society: to deliver a smoke-free future.