Finance and Economics IT Management & Business Others
3 - 5 Years
IT Risk & Control Officer - Financial Systems Specialist
It wasn’t so long ago that booking a trip to see the Eiffel Tower, stroll down New York’s iconic Madison Avenue or feel the sand between our toes on Copacabana Beach was simply a matter of a few taps on our smartphone.
In fact, that’s what we do at Booking.com. We make it easier for everyone to experience the world. And while that world might feel a little farther away right now, we’re busy preparing for when the world is ready to travel once more.
Across our offices worldwide, we continue to innovate. To solve for some of the most complex challenges in travel and technology, and to plan for the exciting developments that lie ahead. With strategic long-term investments into what we believe the future of travel can be, we are opening up new career opportunities that will have a strong impact on our mission.
We are united in the belief that our very human desire to explore the planet’s beauty and discover more about other people and cultures will endure. The world is waiting for us. Together, we will be ready.
The IT Risk Officer - Financial Systems Specialist has deep ERP IT controls expertise, specifically with SAP, with a strong working knowledge of SOx compliance. He / she is responsible for partnering with process and control owners in the Finance Function to ensure they have the knowledge, tools and support to deliver on their “first line of defence” responsibilities, which is in line with the Risk Function’s goal to embed a risk and control mindset across Booking. Furthermore, he / she contributes to the Risk Function’s aim for continuous improvement and ensuring our Booking.com controls framework is aligned to leading industry practices, by providing general and technical guidance on how to maintain relevant controls. The IT Risk Officer - Financial Systems reports to the Corporate Functions Risk Manager.
A successful risk professional at Booking.com requires a dynamic personality and ability to adapt in a rapidly changing environment. Furthermore, he / she should be able to collaborate with multiple stakeholders, be able to balance multiple competing priorities, and strive for continuous improvement to drive beneficial business outcomes.
Support process and control owners in Finance to identify and understand risks related to SOx and critical financial processes, and assist them in determining optimal controls to mitigate risks
Provide support to process and control owners in the design, implementation and amendment of controls
Support the use of SAP GRC Tools such as Security Weaver to help build sustainable control activities
Collaborate with team members on evaluating risks and designing controls for SAP and other financial systems in compliance with the various governing acts and procedures including Sarbanes-Oxley (SOX), PCI, GDPR, etc.
Identify controls based on risks for compliance areas in each of the IT and business processes
Support the financial system’s team to follow SDLC framework requirements during system transformations
Work with stakeholders to evaluate Segregation of Duties conflicts across financial applications and consult with business units in reducing the SoD conflicts and/or implementing mitigation controls to address risk
Perform risk assessments for new initiatives and projects for the Finance Function
Enable continuous improvement, maintaining our Booking.com controls framework, by providing general and technical guidance on how to maintain relevant controls
Support the business to maintain comprehensive documentation including flow charts, process narratives and risk and control matrices, segregation of duties matrices and any others required
Maintain risk register and track risk exposures against risk appetite
Embed awareness and ownership in the first line of defense via training and communication to process and control owners
Obtain stakeholder commitment for implementing required changes and coordinate and monitor implementation of changes by the Finance Function
Report on risks and control effectiveness to Internal and External risk / audit committee boards
Lead the program management of testing cycles and engagement with internal and external auditors
Support the Risk Management Team and the Internal and External audit teams to ensure that remediation plans are implemented on a timely basis for any deficiencies found
Escalate any challenges in meeting audit cycle timelines or executing change (e.g. stakeholder commitment, technical complexity or resource limitations) in a timely manner
Foster an intelligent risk culture across B.com through communication, training etc.
3+ years of experience gained within compliance, internal controls or audit
Deep working knowledge of SOx IT risks and controls
Familiarity with auditor testing methodology for SOx
2+ years experience with SAP ERP or SAP technologies is essential. Blackline and Ivalua are an added bonus
Understanding of both the internal and external risk environment
Familiarity with financial processes, specifically period end accounting and reporting, and understanding of taxes, treasury, procurement processes
Understanding of standard industry IT risk management frameworks such as COBIT, PCI, COSO, and CIS
Ability to multitask and successfully manage multiple priorities and projects
Adaptability and ability to work in an agile and rapidly changing business environment
We are a performance-based company that offers career advancement and lucrative compensation, including bonus. We also offer what is called the “Booking Deal” with competitive benefits. This position is open to worldwide candidates and in the case of relocation, we will assist you with a generous relocation package, ensuring a smooth transition to working and living in The Netherlands.