This job posting isn't available in all website languages

Senior Manager- RGC Compliance Analyst

Vodafone Shared Services India


Role title: RGC Compliance Analyst

Function: Finance

Department: Finance Operations Controls and Risk Management (RGC)

Reports to: RGC Access Compliance Lead

Location: Pune

Role purpose:  Vodafone has recently completed its largest business transformation project for back office Finance, Supply Chain and HR operations and we now have over 100,000 users of this solution in over 20 countries. With such a large user base working across multiple business process areas, User and Access Management is extremely important to our business. To this end, we have a Global Roles, Governance & Compliance (RGC) Team governing role design and user access management controls. This is a fantastic team, at the heart of our business processes and solutions, working with colleagues in multiple disciplines all around the world.

The Compliance Analyst plays a critical role in development and management of the compliance to the Vodafone user access related policies. He/she manages the compliance team and will ensure that all the SOX controls are performed and that all SLAs are met. The Compliance Analyst is responsible for performing the annual review of the risk set with the process experts to ensure completeness of the risks. Changes to the GRC Rule Set configuration are approved by the Compliance Analyst as is the completeness review once it has been performed by the Compliance analyst.

The Compliance Analyst will advise the RGC Manager of additions/updates to the compliance related policies to ensure they remain up to date and world class. Finally the Compliance Analyst will be responsible for defining and delivering the roadmap to improve the compliance function within Vodafone Access Management.

The Compliance Analyst plays a critical role across a number of areas to ensure 100% governance of access to our critical business systems. 

He / She will be a central focal point for

          i.            governance reviews of role designs prior to finalising the proposed updated

        ii.            governance reviews of user access requests prior to assigning the access

       iii.            defining and maintaining updates to the GRC rule set

      iv.            ensuring completeness of the rule set

        v.            documenting and assigning mitigations

      vi.            maintaining fire fighter master data

     vii.            ensuring fire fighter control completeness

   viii.            monitoring access violations and define remediation plans 

       ix.            assess the risk set for completeness and relevance to the Vodafone Core Business Model

        x.            define requirements for GRC solutions and manage delivery of enhancements

       xi.            approve updates to the GRC Rule Set configuration

     xii.            develop compliance policies and procedures

    xiii.            manage the compliance roadmap

Key accountabilities and decision ownership

[max 5]:


·       Review access risk simulations and determine appropriate action and/or approval

·       Manage the GRC Access Risk rule set to ensure accuracy and completeness. Define and assign mitigations for access risks

·     Ensures that all user processes are controlled in line with the Global IT and SOX Controls

·       Managing fire fighter master data for completeness and appropriateness

·     Ensure smooth delivery of the RGC Projects and Improvement Initiatives

·       Periodically review access violations and manage remediation plans

·     Assess the risk rule set for completeness and relevance to the Vodafone Core Business Model

·     Define requirements for GRC solutions and manage delivery of enhancements

·     Approve updates to the GRC Rule Set configuration

·     Develop compliance policies and procedures

·     Manage the compliance roadmap

Core competencies, knowledge and experience [max 5]:


·       Detailed understanding of SAP Authorisations

·       Expertise in maintaining GRC Rule Set at permission level

·       Experience of maintaining and assigned mitigation controls within SAP GRC Access Controls

·       The ability to translate access risks into SAP transaction and permission settings

·       Excellent written and oral communication skills

Must have technical / professional qualifications:

·     Detailed knowledge of SAP authorisations

·     Detailed knowledge of SAP GRC preferably with SAP Certification

·     Ability to work in a global environment

·     Ability to work under time pressure

Budget owned:

Not applicable

Key performance indicators [max 3]:

·     Reduction in unmitigated access risk violations

·     100% of compliance reviews completed within SLA

Direct reports:

Not applicable

Dotted reports: Not applicable

Key stakeholders: Internal and External Auditors, IT & Business SOX Controllers, EVO Service Managers, User Administration Team, Global Process Experts, RGC Role Designers, Fire Fighter Owners, Fire Fighter Controllers


  • Minimum 5 years’ experience of administering SAP GRC 10

  • SAP GRCCertification

  • General functional knowledge of business processes and SAP authorisations

  • Ability to work in aglobal environment

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Vodafone Shared Services India

Vodafone Shared Services India, Pune, India

📁 Finance

Vodafone Group

Vodafone Shared Services India, Pune, India

📁 Finance

Vodafone Shared Services India

Vodafone Shared Services India, Pune, India

📁 Finance