Senior Technical Manager, Information Security

The Technical Expert – Security, Access Controls & Compliance is responsible for the execution, monitoring, and audit support of Segregation of Duties (SOD), user access controls, and automated financial controls (AFCs) within the Oracle Fusion Cloud and SailPoint (IdentityIQ) environments.

This role plays a critical part in supporting / 52-109 (SOX in the US), ITGC, and external audit requirements by producing control evidence, maintaining SOD rule logic, performing weekly monitoring activities, and supporting remediation efforts. The role works closely with Compliance, Security, IT Operations, Finance, HR, and external auditors to ensure access-related controls are operating effectively and are audit-ready.

Segregation of Duties (SOD) Management

• Maintain and administer the SOD Master List, consolidating legacy and current SOD rules from SailPoint and Oracle environments.
• Perform weekly SOD monitoring, including execution of reports, validation of results, and documentation of outcomes.
• Review, analyze, and validate SOD rule logic, mappings, and descriptions across Finance, HCM, PPM, and Supplier modules.
• Identify SOD violations, support investigation activities, and track remediation actions through tickets and supporting documentation.
• Maintain SOD evidence in SharePoint repositories in accordance with audit and retention requirements.

Access Controls & Identity Management

• Generate and analyze IdentityIQ and Oracle Security reports, including user role privileges, role membership, access history, and sensitive access.
• Support access reviews related to elevated access, configuration roles, and sensitive privileges.
• Coordinate with Identity Operations and IT teams to support provisioning, de‑provisioning, and access corrections.
• Assist with the removal of roles for terminated or inactivated users in line with established procedures.

Audit & Compliance Support

• Provide audit evidence for 52-109 / , ITGC, and external audits (e.g., PwC), including reports, data extracts, and walkthrough support.
• Participate in audit walkthroughs and pre‑audit readiness sessions related to SOD, AFC, AAC and access controls.
• Respond to auditor inquiries by producing clear, traceable evidence and explaining system behavior and control design.
• Support remediation efforts where control gaps or audit observations are identified.

Reporting & Data Analysis

• Produce weekly and ad‑hoc reports related to:
  • SOD violations
  • User access and configuration roles
  • Automated Financial Controls (AFC) monitoring
  • Advanced Access Controls (AAC) monitoring
  • Compliance dashboards and scorecards
• Validate report accuracy, logic, and formulas prior to submission to Compliance or Audit teams.

Process & Documentation Support

• Support the development and maintenance of SOPs, process flows, and control documentation related to SOD and access monitoring.
• Ensure documentation reflects current system behavior, control design, and operational practices.

Cross‑Functional Collaboration

• Collaborate closely with Compliance, Security, Finance, HR, and IT Operations teams to resolve access and control issues.
• Participate in weekly scrums, working sessions, and control review meetings related to security and compliance activities.

Required Skills & Competencies

Technical Skills

• Strong knowledge of Oracle Fusion Cloud (Finance, HCM, PPM, Supplier modules)
• At least 7 years of specialization in SailPoint / IdentityIQ or comparable identity governance tools
• Experience with SQL
• Strong reporting building skills
• Advanced Microsoft Excel skills for control tracking, analysis, and reporting
• Familiarity with access controls, SOD concepts, and audit evidence requirements

• Develop strategy for redefining SoD within WSP

Compliance & Audit Knowledge

• Knowledge of ICFR is preferable; experience with SOX, 52-109, and ITGC requirements is expected.
• Experience supporting internal and external audits
• Ability to translate technical system behavior into audit‑ready explanations

Professional Skills

• Strong attention to detail and data accuracy
• Ability to manage recurring weekly control activities with consistency
• Effective written and verbal communication with technical and non‑technical stakeholders
• Ability to work across time zones and with global teams
• Ability to work independently
• Self-motivated
• Able to direct and manage offshore resources
• Able to create Executive-level PowerPoint presentations
• Strong communication skills
• Well versed in creating reports in OTBI
• Experience with SQL.

BGV:

• Employment with WSP India is subject to the successful completion of a background verification (“BGV”) check conducted by a third-party agency appointed by WSP India.
• Candidates are advised to ensure that all information provided during the recruitment process — including documents uploaded — is accurate and complete, both to WSP India and its BGV partner”.