Share this Job

IT Analyst - Governance, Risk & Compliance 1

Date: Feb 11, 2021

Location: Madrid, MD, ES

Company: Beam Suntory

Beam Suntory is Crafting the Spirits that Stir the World. Rooted in two centuries of family heritage, Beam Suntory has evolved into the world's third largest leading premium spirits company ... where each employee is treated like family and trusted with legacy. With our greatest assets - our premium spirits and our people - we're driving growth through impactful marketing, innovation and an entrepreneurial spirit. Beam Suntory is a place where you can come Unleash your Spirit by making an impact each and every day.



IT Analyst - Governance, Risk & Compliance 1  


The following position is is open in MadridSpain.


What makes this a great opportunity?

•Beam Suntory is a leader in the spirits industry with a track record of profitability and growth
•Opportunity to help shape the information security roadmap of the future
•Growth potential beyond this role


Role Responsibilities

Job description

The IT Governance, Risk and Compliance Analyst is a key member of the global information security team who works collaboratively with IT within the overall IT Security function, focusing on IT governance, IT Controls and broadening of the IT Compliance and Risk Management programs.

This position supports the ongoing IT Security risk management program and building out the new IT Compliance function within the Information Technology organization, being primarily focused on design and implementation of controls and compliance activities as part of regularly scheduled processes (e.g., ITGC, system maintenance) and key initiatives (e.g., IT roadmap projects) at the Company.  Key responsibilities include:

  • Contributor to the Beam Suntory IT Governance, Risk and Compliance program
  • Assist in the development of IT Compliance function with a focus on NIST
  • Assists with GRC technology administration
  • Assist in the management of Beam Suntory’s NIST framework program, including coordination of periodic risk assessments, identification of new and changing requirements, and collaboration with Internal and External control owners and Audit teams to ensure appropriate risk coverage
  • Assist with Identity and Access Management tasks





  •  Assist the Beam Suntory IT Security team in monitoring the SOX compliance program. Act as lead for IT on key internal control related matters (Sarbanes Oxley (SOX) compliance, segregation of duties, policies and procedures, the design of controls in systems and processes, and evaluation of risk).
  • Serve as tower lead for outsourced IAM (Identity and Access Management) for Windows AD and IAM tool, which is performed by an outsourced third party organization.  Establish relationship with third party provider, escalate issues with vendor appropriately and work collaboratively with the vendor to resolve IAM issues.  Assist with SAP IAM tasks as needed.
  • Assist in serving as IT Governance, Risk, and Compliance (GRC) analyst and GRC tool administrator.  Administer periodic risk assessments, track issues/action plans and drive risk remediation actions to completion. Ensure GRC tool configuration in line with IT Compliance requirements. Perform administrative tasks around IAM review daily processes, reviews of administrative access, service accounts, terminated users, and other required reviews.
  • Serve as team member during IT projects formed to drive business process and systems enhancements with final word on controls related matters. Develop and proactively enhance IT controls by enhancing and supplementing policy, process, and standard operating procedures.
  • Support IT Roadmap projects by advising on minimum IT risks founded in NIST, SOX and best practices. 
  • Drive process improvement initiatives across the IT organization.


Qualifications & Experience

  • Bachelor’s Degree in management information systems (MIS), Accounting, Computer Science or Finance preferred though not required; CISA (or equivalent) preferred; or relevant technical experience
  • Ideal candidate has worked with a GRC tool, has some experience in IAM (Identity and Access Management) and has worked with business and IT functional areas to develop and implement mitigating controls
  • Experience with identity and access management (IAM)
  • Experience performing user administration in Windows Active Directory (AD) or SAP
  • Experience working with a third-party vendor for IAM a plus
  • Experience with GRC software (i.e. LogicGate, Archer or similar) a plus
  • NIST, AD, SAP experience
  • Relevant experience in IT controls or IT Auditing with some background in segregation of duties or financial controls
  • Experience of working in a global IT enterprise environment with knowledge of IT controls (change management) and systems audit requirements preferred
  • Some knowledge of financial/business processes and automated controls a plus with a focus on SAP or ERP financial and production systems experience
  • SAP or other Experience with Azure, Application Security tools, web-based security tools, SAP Security Vulnerability Management
  • Strong project management and prioritization skills – ability to multi-task as needed on various projects and initiatives
  • MS Office software suite knowledge required






At Beam Suntory, people are our number one priority, and we believe our people grow together in diverse and inclusive environments where their unique insights, experiences and backgrounds are valued and respected. Beam Suntory is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, military veteran status and all other characteristics, attributes or choices protected by law. All recruitment and hiring decisions are based on an applicant’s skills and experience.