Refresco
Description
Make a Difference in YOUR Career!
Our vision is both simple and ambitious: to put our drinks on every table.
We are the leading global independent beverage solutions provider. We serve a broad range of national and international retailers as well as Global, National and Emerging (GNE) brands. Our products are distributed worldwide from our production sites in Europe, North America, and Australia. Although our own branding may not appear on the labels of the beverages we produce, there is a good chance you are reading this while sipping one of our drinks.
Our ambition is to continually improve and it’s what keeps us at the top of our game. We are solutions-based. We are innovative. We seek out new challenges and conquer them. This is our company ethos, but it’s our people’s too: Refresco is at the cutting edge of a fast-moving industry because we have passionate people pushing the boundaries of what’s best.
Stop and think: how would YOU put our drinks on every table?
Summary Description:
This role is responsible for maintaining and improving our IT governance, risk, and compliance (GRC) program, with a focus on SOX compliance, application and data transfer controls, validating the completeness and accuracy of reports, third-party risk management and disaster recovery.
Essential Job Functions:
IT Risk Assessments:
Conduct comprehensive IT risk assessments, including identifying and analyzing potential threats and vulnerabilities across applications, infrastructure, and data.
Develop and maintain risk registers, documenting identified risks, their potential impact, and mitigation strategies.
Collaborate with IT and business stakeholders to prioritize and remediate identified risks.
Assess impact of IT changes to policies, risks, controls, and governance process (including but not limited to disaster recovery, RCM)
SOX Compliance:
Maintain and update the Risk and Control Matrix.
Evaluate the design and monitor the execution of management's SOX controls.
Participate in business process walkthroughs to identify application controls, reports, and ITGC dependencies/risks.
Review SOC reports and map control deficiencies to relevant IT risks.
Ensure all control evidence of operating effectiveness is maintained timely, with appropriate detail for all IT controls; own the development, reporting, completion of control remediation plans
Application and Data Transfer Controls, Report (IPE) Validation:
Identify the application controls, interfaces/batch jobs and reports key to supporting SOX business processes
Evaluate the design and effectiveness of application controls.
Evaluate the design and effectiveness of controls intended to mitigate data transfer errors/incompleteness
Evaluate the design (completeness and accuracy) of reports used for key controls
Third-Party Risk Management:
Support the implementation of a third-party risk management program.
Monitor and manage risks associated with third-party relationships.
Disaster Recovery:
Develop, maintain, and test the IT disaster recovery plan, inclusive of supporting audits and requests for understanding and evidence by 3rd parties
Cyber Security:
Perform cyber security posture evaluations
Design and execute strategies to evaluate the ICFR impact of cyber security incidents
Draft the appropriate disclosures regarding cyber security posture and cyber incidents and response as necessary
Ongoing Regulatory Compliance:
Ensure compliance with relevant regulations and industry standards (e.g., SOX, NIST).
Assist with internal and external audits.
Required Skills and Qualifications:
Advanced knowledge of SOX controls and compliance; experience implementing or improving SOX
Strong drive and organizational skills inclusive of project and program management
Ability to proactively, productively manage diverse stakeholder groups
Excellent accounting and analytical skills
Technical expertise in ERP system design and operation
In-depth knowledge of IT governance frameworks (e.g., COBIT, ITIL) and risk management methodologies
Excellent interpersonal and communication skills, verbal and written
Strong understanding of SOX requirements and IT general controls (ITGCs).
Ability to analyze and solve problems, results oriented
Able to prioritize work, and determine when necessary to switch priorities
Experience evaluating / governing SAP ITGCs
Education and Experience:
Undergraduate degree in Accounting, Information Technology, Computer Science or related technical degree required
Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) designation required (two or more preferred)
3+ years relevant work experience in public accounting or 4+ years industry required
2+ years working with SOX in the IT domain with or for a company listed on a US market required.
Refresco Beverages US Inc. offers the following competitive pay and comprehensive benefits:
Medical/Dental/Vision Insurance
Health Savings Accounts and Flexible Spending Accounts
Life and AD&D Insurance, critical illness, hospital indemnity, and accident insurance
Short-term disability and long-term disability
Pet Insurance
Legal Benefits
401(k) Savings Plan with Company Match
12 Paid Holidays
Vacation Days and Paid Sick Time Off Days
Well-being Benefit
Discount and Total Reward Programs
The applicant who is hired will receive wages within the range that will be based on several factors, including, as applicable, criteria such as years and type of experience, relevant education, training, qualifications, certifications/licensing, skills, geographic location, performance, market considerations, seniority system, merit system, systems that measure earnings by quantity or quality of production, and business or organizational needs.
Join Refresco TODAY and enjoy a rewarding CAREER!
Any employment agency, person, or entity that submits a résumé to this career site or a hiring manager does so with the understanding that the applicant's résumé will become the property of Refresco Beverages US, Inc.
Refresco Beverages, US Inc., will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person, or entity.
Employment agencies that have agreements with Refresco Beverages US, Inc., and have been engaged in a search shall submit a résumé to the designated Refresco recruiter or, upon authorization, submit a résumé to this career site to be eligible for placement fees.
Refresco Beverages US Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity, gender expression, Veteran status, or any other classification protected by federal, state, or local law.
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.
Make a Difference in YOUR Career!
Our vision is both simple and ambitious: to put our drinks on every table.
We are the leading global independent beverage solutions provider. We serve a broad range of national and international retailers as well as Global, National and Emerging (GNE) brands. Our products are distributed worldwide from our production sites in Europe, North America, and Australia. Although our own branding may not appear on the labels of the beverages we produce, there is a good chance you are reading this while sipping one of our drinks.
Our ambition is to continually improve and it’s what keeps us at the top of our game. We are solutions-based. We are innovative. We seek out new challenges and conquer them. This is our company ethos, but it’s our people’s too: Refresco is at the cutting edge of a fast-moving industry because we have passionate people pushing the boundaries of what’s best.
Stop and think: how would YOU put our drinks on every table?
Summary Description:
This role is responsible for maintaining and improving our IT governance, risk, and compliance (GRC) program, with a focus on SOX compliance, application and data transfer controls, validating the completeness and accuracy of reports, third-party risk management and disaster recovery.
Essential Job Functions:
IT Risk Assessments:
Conduct comprehensive IT risk assessments, including identifying and analyzing potential threats and vulnerabilities across applications, infrastructure, and data.
Develop and maintain risk registers, documenting identified risks, their potential impact, and mitigation strategies.
Collaborate with IT and business stakeholders to prioritize and remediate identified risks.
Assess impact of IT changes to policies, risks, controls, and governance process (including but not limited to disaster recovery, RCM)
SOX Compliance:
Maintain and update the Risk and Control Matrix.
Evaluate the design and monitor the execution of management's SOX controls.
Participate in business process walkthroughs to identify application controls, reports, and ITGC dependencies/risks.
Review SOC reports and map control deficiencies to relevant IT risks.
Ensure all control evidence of operating effectiveness is maintained timely, with appropriate detail for all IT controls; own the development, reporting, completion of control remediation plans
Application and Data Transfer Controls, Report (IPE) Validation:
Identify the application controls, interfaces/batch jobs and reports key to supporting SOX business processes
Evaluate the design and effectiveness of application controls.
Evaluate the design and effectiveness of controls intended to mitigate data transfer errors/incompleteness
Evaluate the design (completeness and accuracy) of reports used for key controls
Third-Party Risk Management:
Support the implementation of a third-party risk management program.
Monitor and manage risks associated with third-party relationships.
Disaster Recovery:
Develop, maintain, and test the IT disaster recovery plan, inclusive of supporting audits and requests for understanding and evidence by 3rd parties
Cyber Security:
Perform cyber security posture evaluations
Design and execute strategies to evaluate the ICFR impact of cyber security incidents
Draft the appropriate disclosures regarding cyber security posture and cyber incidents and response as necessary
Ongoing Regulatory Compliance:
Ensure compliance with relevant regulations and industry standards (e.g., SOX, NIST).
Assist with internal and external audits.
Required Skills and Qualifications:
Advanced knowledge of SOX controls and compliance; experience implementing or improving SOX
Strong drive and organizational skills inclusive of project and program management
Ability to proactively, productively manage diverse stakeholder groups
Excellent accounting and analytical skills
Technical expertise in ERP system design and operation
In-depth knowledge of IT governance frameworks (e.g., COBIT, ITIL) and risk management methodologies
Excellent interpersonal and communication skills, verbal and written
Strong understanding of SOX requirements and IT general controls (ITGCs).
Ability to analyze and solve problems, results oriented
Able to prioritize work, and determine when necessary to switch priorities
Experience evaluating / governing SAP ITGCs
Education and Experience:
Undergraduate degree in Accounting, Information Technology, Computer Science or related technical degree required
Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) designation required (two or more preferred)
3+ years relevant work experience in public accounting or 4+ years industry required
2+ years working with SOX in the IT domain with or for a company listed on a US market required.
Refresco Beverages US Inc. offers the following competitive pay and comprehensive benefits:
Medical/Dental/Vision Insurance
Health Savings Accounts and Flexible Spending Accounts
Life and AD&D Insurance, critical illness, hospital indemnity, and accident insurance
Short-term disability and long-term disability
Pet Insurance
Legal Benefits
401(k) Savings Plan with Company Match
12 Paid Holidays
Vacation Days and Paid Sick Time Off Days
Well-being Benefit
Discount and Total Reward Programs
The applicant who is hired will receive wages within the range that will be based on several factors, including, as applicable, criteria such as years and type of experience, relevant education, training, qualifications, certifications/licensing, skills, geographic location, performance, market considerations, seniority system, merit system, systems that measure earnings by quantity or quality of production, and business or organizational needs.
Join Refresco TODAY and enjoy a rewarding CAREER!
Any employment agency, person, or entity that submits a résumé to this career site or a hiring manager does so with the understanding that the applicant's résumé will become the property of Refresco Beverages US, Inc.
Refresco Beverages, US Inc., will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person, or entity.
Employment agencies that have agreements with Refresco Beverages US, Inc., and have been engaged in a search shall submit a résumé to the designated Refresco recruiter or, upon authorization, submit a résumé to this career site to be eligible for placement fees.
Refresco Beverages US Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity, gender expression, Veteran status, or any other classification protected by federal, state, or local law.
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.