Senior Director - Compliance


Thomasville, GA, US

Date:  Jul 12, 2021


Perform day-to-day management of the compliance and access management organizations (including staffing, budgeting and other relevant management functions) and hold all teams accountable for optimizing the cost, risk and value of access management and compliance services for the business.  Manage compliance and access management personnel, developing their skills and capabilities to meet the needs of the organization, as well as building on existing recruiting capabilities to address new needs and skills gaps. Develop technology policies and procedures based on compliance with current regulatory, commercial and organizational technology requirements and work with process stakeholders on implementation.  Create an IT compliance risk assessment framework and periodically assess the regulatory, commercial and organizational, inherent and residual IT compliance risks. Identify the associated IT compliance control gaps and oversee the documentation, implementation and testing of the entire IT SOX and operational compliance control portfolio. Develop and direct IT compliance control monitoring programs to ensure IT compliance-related risks are managed to the appropriate level of acceptable residual risk.  Implement and maintain an IT compliance issue management tracking and resolution process that will address known issues, according to severity and potential impact to the organization. Report the levels of IT compliance risk and control effectiveness to key stakeholders and Flowers leadership as appropriate. Collaborate with internal and external auditors in support of SOX and operational audit activities. Coordinate audit-related tasks such as ensuring the readiness of IT managers and their organizations for audit testing and facilitating the timely resolution of any audit findings.  Manage the overall IT compliance-related budget/financial spend in accordance with the desired IT compliance risk appetite of the organization.

Job Responsibilities


  • Provide technological advice and insight on compliance requirements to Flowers business partners.  
  • Assist business and IT management with the acquisition of tools and expertise to assist with IT compliance-related projects and initiatives.
  • Develop, implement, and maintain an IT compliance training and awareness program that periodically educates the requisite end-user community on the relevant IT compliance requirements, and certifies their adherence to the relevant IT compliance controls.
  • Establish, implement, and maintain a formal access management program for Flowers information systems.
  • Ensure adherence to program lifecycle components and overall maturity roadmap.  policy for access management and oversee compliance to that policy for all Flowers information systems.
  • Oversee or directly manage processes that ensure appropriate access is maintained. This includes access requests, access changes, access reviews, and access termination.
  • Manage IDAM technologies including IDM, SAP GRC, Single Sign On, Identity Federation, Privileged Access Management (PAM) and others.
  • Primary owner for SAP application security, including ECC, GRC, BW, HR, CRM and other modules. 
  • Oversee approval for all role design or modifications and user provisioning for user base.
  • Work with business team owners, internal audit, and IT group to support audits and ensure ongoing compliance with state and Federal regulations related to Access controls (SOX, HIPAA, etc.)  
  • Oversee or execute periodic monitoring of access, particularly for critical processes (basis access, HR, financial, master data, etc.)
  • Assess and mitigate any potential segregation of duties or other access risks/conflicts by working with risk owners.
  • Manage relationships with major vendors and service providers to ensure they cost-effectively meet the needs of the organization.
  • Perform other duties which are deemed by management to be an integral part of the job, including, but not limited to fulfillment of work schedules, adherence to attendance policies, and other applicable operating rules, policies and procedures.

Desired Experience

  • Must have 2 years’ experience in the job offered or as a Sr. Manager – Internal Audit or Manager – Internal Audit or Sr. Analyst – Internal Audit in the following (can be gained concurrently with experience outlined above):
  • Assist in developing and implementing a company-wide internal audit and financial compliance program aimed at evaluating accounting and operating procedures and ensuring compliance with the Company’s internal accounting policies.
  • Assist in developing and maintaining an ongoing comprehensive risk-based methodology.
  • Responsible for planning, directing and executing all compliance reviews, review and evaluate internal controls, identify control and operational weaknesses, and recommend procedures to improve business practices and policies.
  • Responsible for planning, directing and performing all financial and operational reviews which address accounting risk, business risk, and regulatory risk, develop recommendations around existing controls in place as well as the necessity to develop new controls.
  • Knowledge of information technology management frameworks such as Sarbanes-Oxley, COBIT, NIST, COSO.
  • Background check and drug screening required. 
  • Employer will accept any suitable combination of education, training or experience.

Desired Education

  • Master’s Degree in Business Administration or Computer Science or Finance.  
  • Certified Information Systems Auditor (CISA) Certification

We offer a competitive salary and an excellent total rewards package.  Please reply at careers.flowersfoods.com.


Equal Opportunity Employer/Veterans/Disability


If you need assistance with submitting your resume due to a medical condition or disability, please send an email to HR.LSFlowers@flocorp.com and reference Job #57320.00027.
