Apply now »

Job Title:  Service Manager - Access Risk & Controls

Job Number:  17304

British American Tobacco is all about freedom of choice — whether it’s our people or our products. Combined with our entrepreneurial spirit, it’s what’s driven our phenomenal success. We started trading tobacco over a hundred years ago. Today, we’re a multibillion dollar company with more than 200 brands in our portfolio. With robust positions in each of our regional markets, our future looks equally bright too. There’s no doubt our industry is controversial — we’re the first to admit that. But rest assured, we take a responsible approach to our trade. In our market, we observe every law and regulation regarding tobacco (in many cases going further through our own voluntary code).


Ensure that IDT Services meets its Access domain compliance obligations including SOx and GDPR.


  • Nurture a culture of simplification and efficiency.
  • Build partnership relationships across IT Services to support the delivery of IDT Services Access domain compliance objectives.
  • Understand the end to end IDT Services operational current state, landscape and accountabilities in order to ensure meaningful and agile Access domain compliance.
  • Provide immediate oversight of IDT Access domain compliance, including SOx, GDPR and operational compliance, including the status of all activities required to resolve Access domain compliance issues.
  • Ensure that Access domain compliance issues within the IDT Services organisation are being appropriately evaluated, investigated and resolved.
  • Manage day to day Access domain control operation tracking.
  • Maintain the IT’s Simply SOx Hub Access domain contents.
  • Act as a centre of expertise on IDT Services Access domain compliance in support of all IDT Services individuals with Access domain compliance obligations.
  • Monitor Access domain compliance to understand trends and identify areas where improvement can be made.
  • Support ongoing Access domain compliance improvement activities.
  • Coordinate the IDT Services response to changes in Access domain compliance scope, including control design changes; RACM changes; scope changes; system changes; and vendor changes.
  • Coordinate the IDT Services involvement in Access domain IT Cycle Testing.
  • Ensure the use of global, standardised IDT Service Management Access domain processes.
  • Promote a strong code of ethics and integrity in IDT Services.



  • IDT Services Process Controls and Reporting Team
  • IDT Security and Compliance Team
  • IDT Services control owners and control operators
  • Business Controls Team
  • Internal Audit (IT)
  • External Audit (KPMG)



  • Degree Educated, with post graduate work experience in an IT Services environment and /or business facing IT role
  • Experience with IT Access management and Management of Joiner, Mover and Leaver processes
  • Experience with operational compliance for a large, multi-national organisation (or audit background) in relation to IT controls, ideally in IT Access management
  • Good stakeholder and risk management skills
  • Experience operating in a complex geographical/ functional matrix organisation
  • Knowledge of best practice IT Service Management
  • Good grasp of BAT business model and components, IT landscape, service catalogue and roadmap
  • An ideal candidate from a non-BAT background will take 2-4 months to learn BAT processes and governance before being fully productive



  • Industry-recognised audit qualification
  • SOx
  • Experience with GDPR compliance for a large corporation

If you’re passionate and ambitious, rapid career progression is a reality here. And because we’re such a large firm (we employ more than 55,000 people worldwide), there are plenty of exciting opportunities for you to develop a truly extraordinary career.

Job Segment: Service Manager, Risk Management, Manager, Compliance, Internal Audit, Customer Service, Finance, Management, Legal

Apply now »
Find similar jobs: