Job Summary The Enterprise Systems Security Manager is responsible for safeguarding enterprise applications and IT environments through strong access governance effective IT control management and proactive risk and vulnerability coordination. This role partners closely with IT Compliance Audit and business stakeholders to ensure SOX compliance secure system operations and continuous improvement of the organizations IT control framework. The ideal candidate combines technical expertise with governance risk and people leadership capabilities.Key ResponsibilitiesApplication Access ManagementLead enterprise-wide application access management strategies including role design provisioning de-provisioning and periodic access reviews.Ensure least-privilege access principles are enforced across all critical systems and applications.Partner with application owners and IAM teams to resolve access-related risks and audit findings.SOX IT Controls ManagementOwn and manage SOX IT General Controls ITGCs related to access change management and system operations.Coordinate with Internal and External Audit teams to support SOX testing walkthroughs and evidence requests.Maintain documentation for control effectiveness control design and risk assessments.Control Design and ExpansionDesign implement and enhance IT control frameworks to support evolving business regulatory and security requirements.Expand IT controls into new systems applications and processes as the enterprise technology landscape grows.Evaluate control gaps and recommend scalable sustainable solutions.Remediation OversightOversee remediation efforts for identified control deficiencies audit findings vulnerabilities and compliance issues.Track remediation plans timelines and ownership to ensure timely and effective resolution.Validate remediation effectiveness and ensure issues are fully resolved before closure.Vulnerability and Risk CoordinationCoordinate vulnerability and risk management activities across enterprise systems.Partner with cybersecurity infrastructure and application teams to assess risk impact and prioritize mitigation efforts.Training and SupportProvide training and ongoing support to IT and business stakeholders on access controls SOX requirements and security best practices.Act as a subject matter expert for IT controls access governance and audit readiness.Promote a culture of accountability security awareness and compliance.Education and CertificationBachelors degree in information technology Computer Science Business Administration or a related field.Professional certifications such as CISA CRISC or CISSP are preferred.Experience5 years of experience in IT SOX compliance IT audit or IT risk management in a global organization.Proven experience with IT general controls ITGCs SOX 404 and related frameworks e.g. COBIT COSO.Familiarity with ERP systems cloud platforms and GRC tools is highly desirable.Skills and CompetenciesStrong analytical and problem-solving skills with the ability to identify risks and recommend solutions.Excellent communication and interpersonal skills to collaborate with diverse teams and stakeholders globally.Strong knowledge of IT control design operation and testing methodologies.Detail-oriented with strong organizational skills to manage multiple priorities effectively.Ability to work both independently and collaboratively as part of a global team.Additional InformationLimited travel required less than 10.This position will have direct reports but is also expected to work as an individual contributor as needed.This position requires a proactive approach to driving global IT compliance and control improvements. Circle K is an Equal Opportunity Employer.The Company complies with the Americans with Disabilities Act the ADA and all state and local disability laws. Applicants with disabilities may be entitled to a reasonable accommodation under the terms of the ADA and certain state or local laws as long as it does not impose an undue hardship on the Company. Please inform the Companys Human Resources Representative if you need assistance completing any forms or to otherwise participate in the application process.Click below to review information about our companys use of the federal E-Verify program to check work eligibilityIn EnglishIn Spanish