Analyst, IS Risk Management

Your Opportunity as the Analyst, IS Risk Management

The Analyst, Information Services Risk Management is responsible for facilitating support for the annual financial statement and SOX audit within IS, under moderate supervision. The Analyst role will interface with all levels of staff and management within the Information Services organization to support sustained effective IT controls. The analyst additionally has responsibility to facilitate the implementation of the IT General Controls standards in projects.

Location: Orrville, OH (Close proximity to Cleveland/Akron)

Work Arrangements: Flexible hybrid work arrangement ~25% in office presence

In this role you will:

Support Annual SOX/Financial Statement Audit

• Coordinates with internal and external audit to facilitate audit requirements

• Facilitate the remediation of IS internal control deficiencies

• Facilitate refreshes of and enhancements to IS SOX policies, narratives, and control self-assessment documentation

• Create and maintain IS control documentation and knowledge repository

• Develop recommendations to improve the IS internal control environment

• Contribute to the continued development of internal controls awareness within the IS organization, including SOX requirements, the Project Governance Checklist, and report completeness and accuracy

• Assist in the facilitation of monthly, quarterly, and annual review activities

Support Risk Management and Compliance:

• Participation in risk assessment activities across the organization, including 3rd party technical risk assessments

• Participate in risk management, compliance, and internal control initiatives as needed

The Right Place for You

We are bold, kind, strive to do the right thing, we play to win, and we believe in a strong community that thrives together. Our culture is rooted in our , and we believe in supporting every employee by meeting their physical, emotional, and financial needs.

What we are looking for:

Minimum Requirements:

• Bachelor's Degree required

• 1 year of internal controls, audit, information security or technology process required (inclusive of internships)

• High personal standards of integrity

• Effective spoken and written communication skills

• Trustworthy - Exercises discretion and protects the privacy of Company and personal information, conversations, and communications

• Ability to maintain organizational respect and trust

• Ability to maintain organizational relationships with both business and IS

• Willingness to learn

• Attention to detail and ability to implement

• Ability to work effectively independently or collaborate with a broader team

• Ability to adapt to changing requirements

• Ability to document processes, roles, key decisions, and other work session outputs

Additional skills and experience that we think would make someone successful in this role (not required):

• Experience with IT General Controls

• Experience with Sarbanes-Oxley (SOX) compliance

• Experience with IT service management processes (change, incident, or problem management)

• Experience with identity and access management processes

• Understanding of business process controls, application controls, and interface controls

• Experience with corporate standard systems including, but not limited to: ServiceNow, Workiva, Oracle GRC, Oracle eBusiness Suite, HP Service Manager, and HP Project & Portfolio Management

Learn more about working at Smucker:

Follow us on