IT Access & Controls Senior Manager

Job Description: IT Access & Controls Senior Manager

Location: 100VE/Kingston
Scope: Global
Work Level: WL2C
Reports to: Ritu Nibber, Global Risk & Controls Lead

Join a high‑performing team, explore Unilever’s organisation and strengthen its risk & control environment. Are you up for it?

BACKGROUND

The Group Chief Accountant’s Department (GCAD) is Unilever’s centre of expertise for accounting, reporting and controls. Within GCAD, the Risk & Controls team stewards Unilever’s global internal control frameworks and compliance obligations (including SOx), partnering across Business Groups, Operations and Functions to ensure robust, future‑fit controls as the organisation continues its digital transformation.

Unilever’s access and IT control landscape is anchored in our Global Access Controls Framework (GACF), IT General Controls (ITGC), Identity & Access Management (IAM) Standard, and the Access Schedule of Authority (SOA) policy—supported by platform‑specific control guides and automation. The IT Access & Controls Senior Manager plays a pivotal role in harmonising these standards globally and embedding ‘controls by design’.

PURPOSE OF THE ROLE

The role is responsible for leading the global strategy, design, rollout, and continuous enhancement of identity, access, and IT general controls across Unilever’s key financial and supporting systems. This includes improving and governing the integrated control framework to ensure it stays aligned with industry’s best practices and emerging technologies. The position drives optimisation initiatives, redesigns control’s where needed, and partners with IT teams to embed new or improved controls effectively.

Because Unilever is subject to U.S. Sarbanes‑Oxley (SOX) regulations, the role must build strong partnerships with external auditors to interpret evolving regulatory changes and translate these into practical implications for Unilever’s IT control environment. The role also supports regulatory‑related changes that influence risk monitoring and reporting.

Success requires deep expertise in technology risk and controls, the ability to understand business requirements, and skill in translating technical control needs into clear, actionable guidance. The role collaborates closely with business transformation programmes to ensure well‑designed controls and appropriate monitoring mechanisms, covering programme, automated, and technology‑based controls.

A major part of the mandate is using technology to enhance the efficiency and automation of control operations. The role participates in implementing technology solutions that strengthen Unilever’s control operating model and partners with Technology, Cyber Security, Data Governance, Process Excellence & Capabilities (PEC), the Control Service Centre (CSC), and Markets to ensure strong risk management, audit readiness, and built‑in compliance.

KEY ACCOUNTABILITIES

• Own and evolve Unilever’s Global Access Controls Framework (GACF) and ITGC control sets, ensuring clear control intent, design standards, evidence expectations and risk‑based scoping for in‑scope systems.
• Translate the IAM Standard and Access SOA policy into actionable, system‑specific requirements (JML lifecycle, SoD, approval authorities, emergency access, logging/monitoring).
• Chair cross‑functional governance forums to align priorities, exceptions and remediation paths.
• Support the IT SOX compliance programme end‑to‑end: planning, scoping, risk assessment, controls testing, remediation and reporting with the
• Perform annual and ongoing IT risk assessments to identify critical systems impacting financial reporting.
• Ensure change management controls are designed, documented and tested for SOX compliance.
• Embed preventative and detective controls across JML, SoD, periodic reviews, PAM and emergency access.
• Drive automation of SOX controls and evidence collection to improve efficiency and reduce manual effort.
• Provide guidance and training to IT and business stakeholders on SOX requirements and control discipline.
• Build capability across Markets, CSC and Tech teams via communities of practice and benchmarking.
• Define and publish KPIs/KRIs and drive control automation and simplification.

SKILLS AND EXPERIENCE REQUIREMENTS

• Experience of managing and driving control optimisation implementation and ideally experience with change management for success operation
• Thorough understanding technology and business controls across core processes and systems e.g. Finance and Reporting, Supply Chain, Purchase to Pay, Order to Cash, etc.
• Thorough understanding of IT General Controls, including Information Security, Cybersecurity, programme Change, Data Risk and Change Management for IT
• Thorough understanding of SAP including good practice SAP Role Concept and Segregation of Duties design, IT General Controls, Report Testing, Interfaces, and Automated Business Controls. SAP S/4 HANA knowledge will be an advantage.
• Thorough understanding of GRC tools (SAP Access Controls/Process Controls, ServiceNow, etc.) for monitoring of Process and Access Controls and an understanding of the risk management module.
• Experience delivering IT audits an advantage. 
• CISA (Certified Information Systems Auditor) and CISM (Certified Information Security Manager) certifications preferred
• Experience working in a high performing team, leading projects and working with senior stakeholders. 
• Strong communication and influencing skills, bringing the ability to explain technical concepts to a wider business audience
• Experience and awareness of working in multicultural and multilocation teams, ability to manage offshore teams for design and operation of controls
• Experience of project management, particularly for complex, multi-stakeholder change programmes

KEY RELATIONSHIPS

• GCAD (Risk & Controls, Reporting) and Control Service Centre (CSC)
• Technology Platforms & Product Owners; Cyber Security (ISOC)
• Process Excellence & Capabilities (PEC); Data Governance
• Market Finance/Tech teams; Internal Audit; External Auditors

LEADERSHIP BEHAVIOURS

Care Deeply

We care about how consumers experience our brands, the growth and development of our people, and our impact on the planet. We emphasise the importance of performance and care, moving from ambiguity about success to fairness and transparency. The successful candidate sets high standards, demonstrates strong learning agility and cares for the development of others.

Focus on What Counts

We prioritise what truly matters, setting clear and stretching goals. We shift from many priorities to fewer, bigger things delivered to conclusion. The successful candidate evaluates and prioritises initiatives that deliver high impact to the business and function.

Stay Three Steps Ahead

We encourage bold and creative thinking to make breakthroughs in performance. We anticipate emerging risks and trends, moving from reacting to leading and shaping. The successful candidate understands emerging risks and thinks outside the box to make the right control recommendations.

Deliver with Excellence

We deliver with excellence and pace, taking personal ownership and holding each other accountable shifting from pride in thinking to pride in execution. The successful candidate is results‑oriented, uses data and insights to make decisions and recommendations, and takes personal responsibility and accountability.

TRAVEL

Limited Global travel depending on portfolio needs.

NOTES

Please apply via this portal; email applications may not be processed.

By applying, you confirm you have informed your Line Manager and that this is an appropriate point in your Unilever career to apply.

If you require additional information or reasonable adjustments to present your best self, please contact the Talent Partner listed on this vacancy.

What we offer

Whilst the role is advertised on a full‑time basis, we are happy to discuss possible flexible working options. We strive to achieve a family‑friendly and inclusive workplace and, above all, create possibilities for all.

Diversity at Unilever is about inclusion, embracing differences, creating possibilities and growing together for better performance. We give full and fair consideration to all applicants and continue development of all employees regardless of age, disability, gender reassignment, race, religion or belief, sex, sexual orientation, marriage and civil partnership, and pregnancy and maternity. We are happy to provide reasonable adjustments during our application and interview process so you can present your best self.