Job Title

Description Make a Difference in YOUR Career Our vision is both simple and ambitious: to put our drinks on every table. We are the leading global independent beverage solutions provider. We serve a broad range of national and international retailers as well as Global, National and Emerging (GNE) brands. Our products are distributed worldwide from our production sites in Europe, North America, and Australia. Although our own branding may not appear on the labels of the beverages we produce, there is a good chance you are reading this while sipping one of our drinks. Our ambition is to continually improve and itu2019s what keeps us at the top of our game. We are solutions-based. We are innovative. We seek out new challenges and conquer them. This is our company ethos, but itu2019s our peopleu2019s too: Refresco is at the cutting edge of a fast-moving industry because we have passionate people pushing the boundaries of whatu2019s best. Stop and think: how would YOU put our drinks on every table? Summary Description: We are seeking a highly motivated and experienced IT GRC Manager to join our team. In this role, you will be responsible for maintaining and improving our IT governance, risk, and compliance (GRC) program, with a focus on SOX compliance, application and data transfer controls, validating the completeness and accuracy of reports, third-party risk management and disaster recovery. Key Responsibilities: IT Risk Assessments: u2022 Conduct comprehensive IT risk assessments, including identifying and analyzing potential threats and vulnerabilities across applications, infrastructure, and data. u2022 Develop and maintain risk registers, documenting identified risks, their potential impact, and mitigation strategies. u2022 Collaborate with IT and business stakeholders to prioritize and remediate identified risks. u2022 Assess impact of IT changes to policies, risks, controls, and governance process (including but not limited to disaster recovery, RCM) SOX Compliance: u2022 Maintain and update the Risk and Control Matrix. u2022 Evaluate the design and monitor the execution of management's SOX controls. u2022 Participate in business process walkthroughs to identify application controls, reports, and ITGC dependencies/risks. u2022 Review SOC reports and map control deficiencies to relevant IT risks. u2022 Ensure all control evidence of operating effectiveness is maintained timely, with appropriate detail for all IT controls; own the development, reporting, completion of control remediation plans u2022 Train and educate IT teams and control owners on the effective operation of controls Application and Data Transfer Controls, Report (IPE) Validation: u2022 Identify the application controls, interfaces/batch jobs and reports key to supporting SOX business processes u2022 Evaluate the design and effectiveness of application controls. u2022 Evaluate the design and effectiveness of controls intended to mitigate data transfer errors/incompleteness u2022 Evaluate the design (completeness and accuracy) of reports used for key controls Third-Party Risk Management: u2022 Develop and implement a third-party risk management program. u2022 Monitor and manage risks associated with third-party relationships. Disaster Recovery: u2022 Develop, maintain, and test the IT disaster recovery plan, inclusive of supporting audits and requests for understanding and evidence by 3rd parties Cyber Security: u2022 Perform cyber security posture evaluations u2022 Design and execute strategies to evaluate the ICFR impact of cyber security incidents u2022 Draft the appropriate disclosures regarding cyber security posture and cyber incidents and response as necessary Ongoing Regulatory Compliance: u2022 Ensure compliance with relevant regulations and industry standards (e.g., SOX, NIST). u2022 Assist with internal and external audits. u2022 Develop and deliver GRC training to IT and business stakeholders. Skills/Qualifications: u2022 Advanced knowledge of SOX controls and compliance; experience implementing or improving SOX u2022 Strong drive and organizational skills inclusive of project and program management u2022 Ability to proactively, productively manage diverse stakeholder groups u2022 Excellent knowledge of business process risks and controls in the manufacturing or consumer sectors preferred u2022 Technical expertise in ERP system design and operation u2022 In-depth knowledge of IT governance frameworks (e.g., COBIT, ITIL) and risk management methodologies u2022 Excellent interpersonal and communication skills, verbal and written u2022 Strong understanding of SOX requirements and IT general controls (ITGCs). u2022 Ability to analyze and solve problems, results oriented u2022 Able to prioritize work, and determine when necessary to switch priorities u2022 Experience evaluating / governing SAP ITGCs u2022 Experience building and maintaining processes and controls around IAM tools (SailPoint ISC) would be an asset Education and Experience: u2022 Undergraduate degree in Accounting, Information Technology, Computer Science or related technical degree required u2022 Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) designation required (two or more preferred) u2022 5+ years relevant work experience in public accounting or 6+ years industry required u2022 3+ years working with SOX in the IT domain with or for a company listed on a US market required u2022 1.5+ years of IT Audit / IT GRC managerial role preferred Travel Requirements: + N/A A Career with Refresco Refresco is passionate about empowering leaders who reflect our core values and live by our leadership behaviors. These behaviors encourage effective leadership within the business, and focus on leading courageously, empowering individuals, and driving company growth as one team. Joining our team as a people manager means youu2019ll be encouraged to evolve as a leader who prioritizes the success of both you and your team, to deliver results, whilst bringing your authentic self to work. Refresco Beverages US, Inc. offers competitive pay and comprehensive benefits, which include: + Medical/Dental/Vision Insurance + Health Savings Accounts and Flexible Spending Accounts + Life and AD&D Insurance + Pet Insurance + Legal Benefits + 401(k) Savings Plan with Company Match + 12 Paid Holidays, Vacation, and Paid Time Off + Well-being Benefits + Discount and Total Reward Programs Join Refresco TODAY and enjoy a rewarding CAREER Any employment agency, person, or entity that submits a ru00e9sumu00e9 to this career site or a hiring manager does so with the understanding that the applicant's ru00e9sumu00e9 will become the property of Refresco Beverages, Inc. Refresco Beverages, Inc. will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person, or entity. Employment agencies that have agreements with Refresco Beverages, Inc., and have been engaged in a search shall submit ru00e9sumu00e9 to the designated Refresco recruiter or, upon authorization, submit ru00e9sumu00e9 to this career site to be eligible for placement fees. Refresco Beverages US, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity, gender expression, Veteran status, or any other classification protected by federal, state, or local law. Equal Opportunity Employer This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights ( notice from the Department of Labor.