×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
IT Business Analyst Cybersecurity

Specialist III Business Risk & Controls

Job in Quincy, Norfolk County, Massachusetts, 02171, USA
Listing for: ViziRecruiter,LLC.
Full Time position
Listed on 2026-06-04
Job specializations:
  • IT/Tech
    IT Business Analyst, Cybersecurity
  • Business
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below

Introduction

Ahold Delhaize USA, a division of global food retailer Ahold Delhaize, is part of the U.S. family of brands, which also includes five leading omnichannel grocery brands – Food Lion, Giant Food, The GIANT Company, Hannaford and Stop & Shop. Ahold Delhaize USA associates support the brands with a wide range of services, including Finance, Legal, Sustainability, Commercial, Digital and E-commerce, Technology and more.

Overview

The Risk & Controls Manager is a core member of the Business Transformation Program Operations team and serves as the business authority for risk, controls, and segregation-of-duties (SoD) requirements across the ERP implementation. This role is responsible for defining, governing, and maintaining enterprise‑aligned business process controls, SoD rulesets, and end‑to‑end process‑level risk management. A critical element of this position is ensuring that existing business processes, control frameworks, and operational guardrails are fully understood, reconciled, and integrated into future‑state solution design.

The Risk & Controls Manager partners closely with process owners to identify required control capabilities, challenge gaps in future‑state design, and ensure the transformed processes preserve or improve control effectiveness.

The role works across Technology, Internal Audit, External Audit, and the System Integrator to ensure that transaction integrity, approvals, reconciliations, and reporting safeguards are embedded in business design—not dependent on underlying system configuration alone. The position evaluates unacceptable control conflicts, validates SoD principles, and ensures risk mitigation strategies are consistent with enterprise standards and the broader Risk & Controls organization.

The Risk & Controls Manager ensures the ERP program is audit‑ready by delivering clear, sustainable, and auditable business process controls that align to enterprise policy, reduce operational risk, and support a scalable, well‑governed ERP environment.

This is a full‑time, dedicated role for the duration of the transformation program (estimated 5‑7 years).

Our flexible/hybrid work schedule includes 3 in‑person days at one of our core locations and 2 remote days. Our core office locations include Salisbury, NC;
Quincy, MA;
Scarborough, ME.

Responsibilities

Business Process Controls Ownership

  • Lead the definition, documentation, and governance of business process controls across all in‑scope ERP processes; ensuring controls reflect key business risks and align with ADUSA Risk & Controls frameworks and standards.
  • Contribute to the design criteria and requirements for business process controls during process design, ensuring appropriate risk and control considerations are embedded.
  • Own the design and maintenance of SoD rulesets from a business risk perspective, defining unacceptable conflicts, required mitigating controls, and process‑driven access principles.
  • Drive end‑to‑end mapping of controls to business process definitions, flows, and global templates, ensuring the control logic follows the process and is consistent across banners and functions.
  • Risk & Controls Framework & Documentation

Develop and maintain business‑owned components of the ERP control documentation, including RACMs, control narratives, process flows, test scripts, and evidence standards; ensuring alignment with ADUSA Risk & Controls documentation standards.

Identify and communicate control gaps, redundancies, and optimization opportunities; support business owners and ADUSA R&C in developing practical remediation actions with clear timelines and risk prioritization.

Govern the documentation and design of mitigating controls (including those supporting SoD conflicts) in accordance with ADUSA R&C guidance and business operating realities.

Partnership with Technology

Serve as the authoritative source of business control requirements for Tech, SAP Security, and GRC teams to translate into system‑enforced controls, role design, and access governance processes.

Review system role designs and access models to ensure alignment to business‑defined SoD and control expectations.

Audit & Assurance Alignment

Coordinate with…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search