Director/Senior Director, Risk & Compliance
Listed on 2026-07-01
Finance & Banking
Financial Compliance, Risk Manager/Analyst
Reporting to the Vice President, Risk & Compliance (R&C), the Director / Senior Director, R&C is responsible for the design, oversight, and continuous improvement of technology-enabled risk management and internal controls across SAP S/4 HANA (S/4) and associated financial boundary systems. While having the ground floor opportunity of bridging a multi-year S/4 finance transformation implementation with a post go-live compliance and advisory function, this role provides leadership in all aspects of Security, Risk, and Controls (SRC), which includes assessing job-based security roles, segregation of duties (SoD), and process-level risks and developing / maintaining a company-wide Risk & Control Matrix (RCM).
The Director / Senior Director partners closely with the S/4 project team; Global Controllership across Global Financial Operations (GFO), Corporate, and Business Units; Operations & Technology (O&T); and various compliance groups to ensure risks are identified, mitigated, and appropriately controlled within an evolving financial systems landscape.
This role is also responsible for helping to design, establish/maintain, and manage a robust risk and compliance framework for Global Controllership including Global Finance Operations (GFO) teams on and offshore. The framework should ensure that all enterprise-wide accounting compliance programs, processes and technologies are consistent with NBCUniversal's policies and procedures as well as applicable laws and regulations. Our GFO model today encompasses three service towers: Purchase to Payable (PTP), Order to Cash (OTC), and Record to Report (RTR). It has ~100 FTE NBCU team members supported by ~350 FTE in offshore locations. Services are provided to a wide range of business groups in a large number of countries.
A successful candidate must demonstrate a strong knowledge of standard SAP finance concepts, knowledge of business and IT Sarbanes-Oxley (SOX), and experience implementing a controls framework. This role will work closely with solution integrators to gain a deep understanding of suggested SAP best practices and evaluate in partnership with the Global Controllership Global Process Owners (GPOs) where we can mitigate risks.
This position will help GPOs design processes that are risk compliant through access controls and segregation of duties monitoring.
Responsibilities:
- Govern and work closely with Project Teams, GPOs, and O&T to develop and maintain the ongoing global access control strategy and role design standards
- Help design and implement new roles that align with NBCU users' job responsibilities
- Design post-go-live approval workflows and set policy for access provisioning, role and transaction code changes, SoD risk mitigation, and periodic access and SoD rule set reviews
- Act as the final design authority for critical and cross-functional / high-risk roles and help ensure SAP security design aligns with financial close, PTP, OTC, RTR control objectives, SOX compliance, and cyber, internal audit and external audit expectations
- Identify, analyze, and remediate SoD risks / rule sets
- Assess inherent and residual risks, with a focus on system-enabled risks and SoD exposures, and work directly with corporate / business units and process owners to understand end-to-end finance processes and mitigating SoD controls
- Design and implement effective mitigating controls including transactional monitoring where preventive controls are not feasible, ensuring they are practical, sustainable, and auditable
- Partner with IT, Security, and Cyber teams to ensure access controls align with business processes and internal control standards
Risk & Control Framework
- Develop, maintain, and govern the Risk Control Matrix (RCM) for S/4 and finance-related boundary systems and consolidate with GFO RCM to ensure consistency and efficiencies
- Ensure key risks and controls are effective, clearly documented, tested, embedded in the business, and updated as people, processes & technology change / evolve
- Align the RCM with financial reporting, operational, and compliance requirements (e.g., SOX)
- Develop a plan to maintain the NBCU company-wide control framework post go-live, including Governance, Risk, and Compliance (GRC) tool evaluation and implementation
- Perform risk assessment and develop compliance approach to help ensure processes and controls are operating effectively
Functional Collaboration, Governance, and Continuous Improvement
- Help identify roles and responsibilities during Keystone implementation and post go-live
- Work closely with GPOs for all Finance areas including PTP, OTC, RTR, MDG and Reporting & Analytics
- Serve as a trusted advisor to Global Controllership, Finance, O&T, and various compliance groups on risk and control matters
- Liaise with internal audit, external audit, compliance, controllership, and finance leadership
- Support audit activities, including walkthroughs, control testing, and remediation efforts related to S/4 and boundary systems
- Provide…