Expression Of Interest: Compliance Manager

BAT is evolving at pace into a global multi-category business. Our purpose is to create A Better Tomorrow by Building a Smokeless World.
To achieve our ambition, we are looking for colleagues who are ready to join us on this journey Tomorrow can't wait, let's shape it together

British American Tobacco has an exciting opportunity for a Compliance Manager - GRC in Malaysia

The Compliance Manager is responsible to drive the Governance Adherence and Execution of Compliance Operations associated with Control Processes across Global SOx (Sarbanes Oxley) in scope systems within BAT landscape. This role collaborates with IT System Owners, Control Owners, Global Process Owners (GPO), Risk & Compliance Team, and Business Control Team, to ensure Timely and Quality Delivery of Effective Control / Compliance Procedures in full Completeness and Accuracy (C&A).

Your key responsibilities will include:

• Deliver to day-to-day work streams related to IT SOx (Sarbanes Oxley Act) and IT General compliance across SAP and Non-SAP IT Applications and Infrastructure controls.
• Monitor, track and review performances of centrally operated IT controls operated by 3rd party vendors and BAT teams. Performances and action plans to be reported to Compliance Manager on a regular basis.
• Collaborate and manage compliance discussions with IT System owners, and Internal/External Control Operators to ensure quality, consistency, and operability of new and existing controls.
• Produce structured and insightful analysis of where to remediate areas of non-compliance to the various existing control frameworks in place within BAT; Work with service owners and 3rd party vendors to resolve / manage remediations until closure.
• Plan and support SOx Design Effectiveness (DE) and Operational Effectiveness (OE) testing of centrally operated SOx and IT General Controls.
• Manage and track audit change request, and standard control operation queries with BCT (Business Controls Team) Auditors and DBS Risk and Compliance Team.
• Facilitate and drive discussions on new system onboarding and offboarding for centrally operated SOx (Sarbanes Oxley Act) and ITGC (IT General Controls)
• Manage operations repository and evergreening of compliance operations documentation (Control artifacts, Standard Operating Procedures (SOP), work instructions, reconciliation reports etc)
• Lead Continuous Service Improvement (CSI) initiatives to identify, prioritize and drive measurable improvements in control effectiveness, automation, and operational efficiency.
• Facilitate and/or support remediation activities on any control deficiency or IRI (Immediately Reportable Incident) with impact to controls.
• Establish and nurture strong collaborative relationships with BAT IDT Services and Tech Delivery Team, ensuring consistent engagement through regular progress updates and timely resolution of audit and compliance-related requests

What are we looking for?

ESSENTIAL

Core Competencies

• Deep understanding of SOx, ITGC, and internal control frameworks specifically in the domain of Access and Change Management.
• Experience with SAP GRC (Governance, Risk, Control) and/or IAM (Identity and Access Management) interfaces and processes
• Experience in large global organisation using in-sourced and out-sourced IT service providers, and a good working knowledge of the management of global applications services
• Ability to assess risks, conduct audits, and implement control improvements.
• Demonstrates strong written, verbal, and presentation skills with the ability to communicate complex IT concepts in a clear and relatable manner to senior management and non-technical stakeholders.
• Proficient in data analysis and reporting on MS Excel
• Familiarity with ServiceNow (or other ITSM tool), SharePoint, and any audit tracking tools.

Behavioral Competencies

• Attention to Detail: Precision in reviewing policies, controls, and audit evidence.
• Analytical Thinking: Ability to interpret complex compliance data, identify risk areas and produce impact assessments and recommendations.
• Communication Skills: Clear articulation of compliance requirements to technical and non-technical stakeholders.
• Ethical Leadership: Uphold integrity and foster a culture of compliance.
• Project Management: Organize and oversee compliance initiatives within scope and timelines.
• Interpersonal Skills: Build strong relationships across departments and with external auditors.

Education / Qualifications / Certifications Required

• Degree Educated, 5-8 years post graduate work experience in an IT Services environment and /or business facing IT role.
• More than 3 years' experience in audit and compliance specially in the domain of Application Access Management and Change control testing

BENEFICIAL

• Professional certifications such as CISA (Certified Information Systems Auditor) or ITIL (Information Technology Infrastructure Library).
• Data Visualization & Reporting with Power BI

What we offer you?

• We offer a market leading annual performance bonus (subject to eligibility)
• Our range of benefits varies by country and includes diverse health plans, initiatives for work-life balance, transportation support, and a flexible holiday plan with additional incentives
• Your journey with us isn't limited by boundaries; it's propelled by your aspirations. Join us at BAT and become a part of an environment that thrives on internal advancement, where your career progression isn't just a statement – it's a reality we're eager to build together. Seize the opportunity and own your development; your next chapter starts here. 
• You'll have access to online learning platforms and personalized growth programs to nurture your leadership skills.
• We prioritise continuous improvement within a transformative environment, preparing for ongoing changes

WHY JOIN BAT?
We're one of the few companies named as a Global Top Employer by the Top Employers Institute – certified in offering excellent employee conditions.

Collaboration, inclusion and partnership underpin everything we do here at BAT. We are looking forward to enabling every individual to thrive, regardless of gender, sexual orientation, marital or civil partnership status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability, age, skills, experience, education, socio-economic and professional background, veteran status, perspectives and thinking styles. We know that embracing talent from all backgrounds is what makes us stronger and best prepared to meet our business goals.
We see the career breaks as opportunities not obstacles. Through The Global Returners program, we support professionals looking to restart their careers after an extended absence from the workforce (e.g. time out caring for family, parental leave, national service, sabbatical and/or starting an own venture).

Come bring your difference and see what is possible for you at BAT. Learn more about our culture and our award winning employee experience here.

If you require any reasonable adjustments or accommodations to help you perform at your best during the recruitment process, you are encouraged to notify us. We are fully committed to support you by making appropriate arrangements for you to demonstrate your full potential.