Mediabistro logo
job logo

Director - Information Services, Compliance

Albany International · Portsmouth, NH, USA ·

Job type:
Full Time

Director, Information Systems Compliance

Albany International is seeking a Director, Information Systems Compliance, to lead Albany's IT/IS compliance program with an emphasis on SAP risk and controls and SOX compliance. The role partners closely with SAP Security, SAP Basis, Enterprise Data Services, SAP Functional/Technical teams, and business stakeholders to design controls, manage testing, and maintain audit readiness across Albany's global environment.
Responsibilities include leading the IT/IS compliance program, including governance, control design, metrics, reporting; primary IT compliance interface with external audit technical partner and staff; assessing SAP and IT risks in a hands-on leadership role with direct accountability for the appropriate design of key controls (including SOX-relevant ITGC/application controls); actively engaging in control design, testing strategy, evidence review, and managing ongoing control performance and testing; serving as a key partner to SAP Security to ensure effective access controls, including user/role design and analysis (authorization objects), sensitive access, segregation of duties, and Fiori access considerations; owning SAP Governance, Risk, and Compliance (GRC) processes for Access Risk Analysis and Emergency Access Management, including evidence standards and control testing support; coordinating internal and external audits (including SOX) and managing walkthroughs, evidence collection, remediation plans, and closure validation; partnering with SAP Basis and SAP Development on change governance (transports, configurations, break-fix) to ensure controls are built into delivery and operations; partnering with SAP Functional/Technical and business teams to understand end-to-end processes and integration points (including FI) and their impact on financial reporting controls; maintaining SAP compliance documentation (policies, procedures, narratives, flow/architecture documentation as needed) and a controls inventory/testing calendar; supporting SAP Global Trade Compliance (GTC) and related compliance reporting processes; driving readiness and control design for SAP implementations and major releases; coordinating FI reporting system controls and integrations (MS BI a plus), and supporting SAP licensing and audit activities.
Formal Education & Certification: Bachelor's degree in information systems, Computer Science, Accounting, or a related field, or equivalent experience. 8+ years of progressive experience in IT risk, IT audit, cybersecurity compliance, or technology controls. One or more relevant certifications preferred (e.g., CISA, CISSP, CISM, CRISC, CPA).
Knowledge & Experience: Demonstrated experience leading SAP IT/IS SOX compliance in a US public company (risk assessments, control design, control performance, testing, and audit management) with strong understanding of GRC concepts. A strong mix of the following skills within the SAP S/4 HANA platform: SAP Security (Expert): user/role analysis (authorization objects), sensitive access, segregation of duties, and Fiori access considerations. SAP GRC (Expert): Access Risk Analysis and Emergency Access Management. SAP GTC (Good understanding): Compliance module concepts and control expectations. SAP Basis / Development (Good understanding): platform operations and change delivery processes. SAP Functional Modules (Good understanding): SAP business processes; configuration experience in at least one key module; integration with FI and impact on financial reporting. FI reporting systems (Good understanding): architecture, integration points, and common controls (MS BI, SAP Group Reporting a plus). SAP implementation experience highly desired (two or more implementation cycles preferred). SAP licensing and audit experience. Designing and operating controls for SAP ERP systems (ECC or S/4HANA), Microsoft 365/Azure, Active Directory, and major enterprise applications. Demonstrated ability to translate regulatory/control requirements into practical, sustainable processes within an IT operating environment. Partnering with cross-functional teams to remediate control gaps and improve processes without disrupting business operations. Excellent documentation skills, including procedures, narratives, evidence standards, and audit-ready artifacts. Comfort working with ambiguity and driving structured execution across multiple stakeholders and locations.
Personal Attributes: Highly organized, detail-oriented, and able to manage multiple audits and stakeholders. Clear communicator who can translate technical controls into business-ready guidance. Influences without authority and drives timely remediation and accountability.
Other Requirements: On-site at Corporate Headquarters (Portsmouth, NH); occasional travel as needed. U.S. work authorization required (no sponsorship available).