Your Opportunity as the Analyst, IT Risk

The Analyst, IT Risk Management is responsible for facilitating support for the annual financial statement and SOX audit within IS (Information Services), under moderate supervision. The Analyst role will interface with all levels of staff and management within the Information Services organization to support sustained effective IT controls. The analyst also has responsibility to facilitate the implementation of IT General Controls standards in projects and engage in targeted IT governance related initiatives on an as needed basis.

Location: Orrville, OH (Close proximity to Cleveland/Akron)

Work Arrangements: Hybrid ~30% in office expectation

In this role you will:

Support Annual SOX/Financial Statement Audit

• Engages with internal and external audit to facilitate audit requirements

• Assists with remediation of identified audit findings

• Assists with refreshes of and enhancements to IS SOX policies, narratives, and control self-assessment documentation

• Create and maintain IS control documentation and knowledge repository

• Assist in implementing improvements to the IS internal control environment

• Contribute to the continued development of internal controls awareness within the IS organization, including SOX requirements, the Project Governance Checklist, and report completeness and accuracy

• Assist in the facilitation of monthly, quarterly, and annual review activities

Support Risk Management, Compliance, and IT General Controls (ITGC)

• Assist in the development and sustained execution of run model IT General Control monthly, quarterly, and annual review activities

• Serve as a point of contact across Information Services on IT General Control practices for both on-premise and cloud technologies

• Participate on Information Services projects to ensure:

  • ITGCs and sound internal controls are timely implemented and documented

  • Data conversion activities are appropriately performed and documented

  • Business process control adds/changes are evaluated for IT SOX scope impact

  • Coordination of effort with Financial Compliance

• Participate in risk management, compliance, and internal control initiatives as needed

• Participation in risk assessment activities across the organization, including 3rd party technical risk assessments

• Support other IS Governance initiatives and ad-hoc assignments as needed

The Right Place for You

We are bold, kind, strive to do the right thing, we play to win, and we believe in a strong community that thrives together. Our culture is rooted in our , and we believe in supporting every employee by meeting their physical, emotional, and financial needs.

What we are looking for:

Minimum Requirements:

• Bachelor's degree

• 1+ year of internal controls, audit, information security or technology process experience

• Trustworthy with high personal standards of integrity

• Willingness to learn

• Attention to detail and ability to implement

• Ability to work effectively independently or collaborate with a broader team

• Understanding of business process controls, application controls and interface controls

• Experience with at least one of the following corporate standard systems: ServiceNow, Workiva, Oracle GRC, Oracle eBusiness Suite and/or Oracle Cloud Technologies, HP Service Manager, and HP Project & Portfolio Management

• Ability to adapt to changing requirements

• Ability to document processes, roles, key decisions, and other work session outputs

Additional skills and experience that we think would make someone successful in this role (not required):

• Experience with IT General Controls

• Experience with Sarbanes-Oxley compliance

• Experience with IT service management processes (change, incident, or problem management)

• Experience with access and identity management processes

• Familiarity with third-party technology (SaaS, IaaS, and PaaS) risk management

Learn more about working at Smucker:

Follow us on

#LI-CM1

#LI-Hybird