Job description
Your role in a nutshell
This is a permanent role, based out of our London Bridge office on a hybrid basis.
We are searching for a highly motivated, results-oriented analyst to join our growing IT Internal controls team as an IT Risk & Compliance Analyst, focusing on the execution of our global SOX Compliance program (mainly SAP) as well as compliance across Cyber-Security, PCI-DSS and GDPR controls for IT. The ideal candidate will have hands-on experience identifying and evaluating the design of risk and controls and assessing the effectiveness of controls on critical systems in a dynamic/complex environment. In addition, the candidate will be detail-oriented and have the skills necessary to influence people in a fast-changing environment. The position, which reports to the Head of IT Compliance, will provide guidance to internal and TBS customers, external customers and vendors. This position will be part of an integrated team that believes that collaboration, flexibility, resourcefulness and attention to detail are keys to success.
More about the role
Contribute to the ongoing maintenance of the IT SOX Risk and Controls Matrix
Assist Control Owners with any ongoing remediation plans throughout the year to ensure testing is carried out and tracked without delay to the overall SOX programme
Confirm and ensure operational duties for the SOX programme are managed daily
Support in tracking of controls in The Body Shop Cyber Security framework as defined by the Cyber-Security team including testing, evidence gathering and audit as well as implementation for new systems and projects
Assist with the annual global PCI-DSS audit, ensuring technical controls are operated correctly, documentation updated and the relevant store visits and technical testing activities are completed on time
What we look for
Technical skills:
Strong technical insight, practical knowledge and capability in Sarbanes-Oxley compliance including:
IT controls including Change Mgt, User Access and IT Operations including experience in SAP environment
Experience of SAP and associated GRC tool
Experience of understanding and assessing third party service provider risk and control, including understanding SOC reports control
Experience in working with AuditBoard
Preferred experience:
Understanding of the key business processes across business functions such as Record to Report
Experience of assessing risks around new system development
Knowledge of PCI-DSS
Exposure to new generation technology solutions including robotics
Good knowledge of Cybersecurity frameworks such as NIST
A "Big 4" background or comparable IT audit experience is advantageous although we will also consider candidates with excellent industry experience managing SOX compliance
The Body Shop
When Anita Roddick founded The Body Shop in 1976, she had a vision. Business as a force for good – that’s us. Over 40 years later, we’re proud to be pioneering cruelty-free beauty every step of the way. We’re the original ethical beauty brand. We’ve got a thing for empowering people and enriching our planet. We’re all about keeping it real, in every way possible. Our activist roots remain a huge part of everything we do, from our iconic window posters to our vegetarian products to our infamous campaigns. We’re never afraid to stand up and speak the truth. We like to do things a little differently around here.
The Body Shop, along with Avon and Natura, is part of Natura & Co, a global, multi-channel and multi-brand cosmetics group that is committed to generating positive economic, social and environmental impact. Group owner Natura is Brazil's number one cosmetics manufacturer. Sustainable development has been the company's guiding principle since it was founded in 1969. In fact, this is an incredibly exciting time for The Body Shop. We’re fighting for what we believe in now more than ever. No holding back. Breaking the mould has always come naturally to us, and we need someone who’s not afraid to mix things up.
Benefits
23 days holiday plus Bank Holidays and an opportunity to buy more
1 Self Love Day – An extra day off per year to recharge and focus on what you love to do most
3 additional days a year to volunteer in the local community to support the causes you feel most passionate about
Hybrid working – with up to 60% of your time working remotely
Discretionary bonus scheme
6% contributory pension plan (that rises with loyalty)
LOVE Money – Money from us to spend on YOUR wellbeing - pamper yourself on us. Every year.
50% employee discount on our products and access to sample sales
Access to Perks at Work, our online shopping channel with exclusive deals & discounts
Access to our Nourish platform, where you have access at certain times of the year to fantastic benefits such as: Buying/Selling holiday, Pension Top Up, Private Medical Insurance options, Green Car Benefits, Cycle to Work scheme, on-site nursery (for Littlehampton colleagues)
Life Assurance
EAP (Employee Assistance Program) – we work with experts to support you on all aspects of your Wellbeing: Physical, Mental and Financial.
Diversity and Inclusion
At The Body Shop, we firmly believe that equality is a human right and that all people should have an equal opportunity to pursue their dreams and aspirations. We are committed to attracting, developing, and retaining the very best people by offering a creative and inclusive workplace where talent is recognized. We value diversity and consider all applicants for employment without regard to race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status or disability status. We are proud to have a number of different active employee inclusion networks that serve not just as catalysts for change, but also to build a spirit of diversity, equality, inclusivity, and provide safe supportive spaces for engagement and solidarity for members of these communities. The Body Shop is also committed to providing access, equal opportunity, and reasonable adjustments for individuals with disabilities in employment, its services, programmes and activities. To request a reasonable adjustment or further support, please let us know in your application.