Senior Advisor - Access Control

About the role:

The Governance, Risk and Control team is responsible to ensure the effective execution and continuous improvement of IT General Controls (ITGC), with a focus on access management and segregation of duties (SoD). This involves implementing internal controls to ensure compliance with regulatory requirements, conducting risk assessments to identify potential IT risks and control gaps, and collaborating with cross-functional teams to develop mitigation strategies. The role requires expertise in executing the ongoing compliance and improving the efficiency and effectiveness of control processes.

Key Responsibilities

• Execute testing for IT General Controls (ITGC) with primary focus on access and SoD related controls as per annual validation plan
• Implementation of internal controls to ensure compliance with the access and SoD requirements, ITGC controls and compliance requirements or other rules and regulations
• Continuous review of new SAP access control when needed. Take up effective discussions with Business Process owners, and Compliance, Execution teams and ensure higher degree of compliance status is achieved
• Follow-up with stakeholders on risk mitigation control and performance
• Conduct risk assessments to identify critical systems, potential IT risks and control gaps, and work with cross-functional teams to develop mitigation strategies
• Assist in execution of identified areas for improvement in ITGC processes and recommend enhancements to increase efficiency and control effectiveness
• Support the development and delivery of training and awareness programs for control performers related to ITGC and ITAC

• Monitor and follow up with stakeholders to ensure timely remediation of identified risks and access & SoD related issues
• Assisting the manager in ensuring compliance with access governance

Required Experience & Skills:

• Ability to work as an individual contributor
• Master’s degree or equivalent, preferably in information technology or related field
• At least 4 years of overall experience and a minimum of 1 years in IT audits and ITGC/ITAC testing
• An advanced degree or certifications like CISA, CRISC, or similar certifications will be an added advantage
• Candidate with strong GRC background having an understanding and working knowledge of ITGC key domains with a focus on access management & SoD and IT Application Controls (ITAC)
• Functional Knowledge of SAP GRC tool and RSA Archer will be an added advantage
• Experience in Risk, Controls and Compliance or Internal Audits
• Experience with assessing, designing, and implementing generic and SAP controls with a focus on automated, configurable controls
• Good understanding of Segregation of Duties frameworks and mitigating control assignment
• Working knowledge in Microsoft applications
• Detail-oriented with strong documentation and communication skills
• Experience working in MNC or Big4 environments with multiple stakeholders across the globe will be an added advantage

Personal Characteristics:

• Able to consistently demonstrate & live cultural dimensions of Simplicity, Focus & Teamwork
• Good team player as part of GRC team for GSC with a positive attitude

Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by emailing  [email protected].