Jobs · North Carolina

Specialist III Business Risk & Controls

Ahold Delhaize USA · Salisbury, NC · 1 wk ago
Hybrid$93k–$139k/yrFull-time

About the role

The Risk & Controls Manager is a core member of the Business Transformation Program Operations team and serves as the business authority for risk, controls, and segregation-of-duties (SoD) requirements across the ERP implementation.

Responsibilities

  • Define, document, and govern business process controls across all in-scope ERP processes; ensuring controls reflect key business risks and align with ADUSA Risk & Controls frameworks and standards.
  • Contribute to the design criteria and requirements for business process controls during process design, ensuring appropriate risk and control considerations are embedded.
  • Own the design and maintenance of SoD rulesets from a business risk perspective, defining unacceptable conflicts, required mitigating controls, and process-driven access principles.
  • Drive end-to-end mapping of controls to business process definitions, flows, and global templates, ensuring the control logic follows the process and is consistent across banners and functions.
  • Develop and maintain business-owned components of the ERP control documentation, including RACMs, control narratives, process flows, test scripts, and evidence standards; ensuring alignment with ADUSA Risk & Controls documentation standards.
  • Identify and communicate control gaps, redundancies, and optimization opportunities; support business owners and ADUSA R&C in developing practical remediation actions with clear timelines and risk prioritization.
  • Govern the documentation and design of mitigating controls (including those supporting SoD conflicts) in accordance with ADUSA R&C guidance and business operating realities.
  • Serve as the authoritative source of business control requirements for Tech, SAP Security, and GRC teams to translate into system-enforced controls, role design, and access governance processes.
  • Review system role designs and access models to ensure alignment to business-defined SoD and control expectations.
  • Audit & Assurance Alignment: Coordinate with ADUSA Risk & Controls to understand enterprise audit expectations and ensure business-owned control documentation supports effective audit readiness. Engage Internal Audit and External Audit as needed-via ADUSA R&C-to clarify expectations, understand upcoming assurance needs, and support pre-validation activities of business-owned control documentation and evidence.
  • Support the planning and execution of business control testing during SIT/UAT in partnership with program testing teams and ADUSA R&C.
  • Represent Business Controls in ERP design sessions, fit-gap workshops, and Business Transformation governance forums, ensuring risk and control requirements are intentionally embedded.
  • Provide oversight and challenge to the System Integrator regarding control design completeness and process risk considerations.
  • Provide program leadership with transparent reporting on business control readiness, risk exposure, and required decision-making.
  • Maintain formal, ongoing alignment with central Risk & Controls team to ensure consistency in frameworks, methodologies, and enterprise audit expectations.
  • Maintain cross-functional integration by ensuring business teams understand, adopt, and operate to the approved control designs as part of change readiness and operational transition.

Qualifications

  • 8+ years of experience in internal controls, business process risk management, audit, or governance roles supporting end-to-end process transformation or ERP.
  • Deep expertise in business process risk & control design within large-scale ERP transformations (preferably SAP), with the ability to translate business risks into control requirements and align documentation to an enterprise Risk & Controls framework.
  • Experience collaborating with technology teams to translate business control requirements into system role, SoD principles, and security models.
  • Strong knowledge of SOX, COSO, business process controls, and audit methodologies.
  • Prominent communication, facilitation, documentation, and stakeholder management skills.
  • Proven ability to influence in matrixed environments across business, finance, and technology.
  • Ability to articulate risk and control implications of business process design decisions.
  • Experience working with internal and external auditors on large transformation programs.
  • Ability to manage multiple priorities in a large, fast-moving transformation program.
  • Ability to travel up to 25%.

Preferred Qualifications

  • Professional certifications: CPA, CIA, CRISC, or CFE.
  • Retail grocery/CPG experience with exposure to store ops, merchandising, supply chain, and finance processes.
  • Working knowledge of mitigating control design, access governance principles, and SoD frameworks.

Similar jobs

Risk Control Specialist

Association County Commissioners of GeorgiaGeorgia, United States· 1 wk ago
Remoteapply on accg.isolvedhire.com

Risk Control Specialist

Great West, An Old Republic CompanyColorado, United States· 1 wk ago
OTHR$80k–$115k/yrapply on myjobs.adp.com