IT SOX Manager

About the role

This role is for an IT SOX Manager.

What you will become a part of

Join CCEP’s IT Risk & Compliance team and help protect the digital ecosystem of one of the world’s leading FMCG organisations. You’ll collaborate with colleagues across multiple countries, work closely with diverse business and technology teams, and contribute to strengthening CCEP’s internal control environment. This role gives you the opportunity to be at the forefront of cybersecurity, regulatory compliance, and IT risk management while supporting transformation programmes that shape our future technology landscape.

What you will do

As an IT SOX Manager, you will play a key role in ensuring that CCEP’s IT systems, processes, and controls comply with internal policies, SOX requirements, and relevant industry frameworks. Your responsibilities will include:

• Managing end‑to‑end SOX compliance for IT General Controls across all CCEP markets.
• Overseeing control execution, evidence quality, remediation activities, and closure tracking.
• Leading SOX audits, working closely with internal and external auditors.
• Driving annual scoping activities, walkthroughs, documentation updates, and IT risk/control evaluations.
• Ensuring transformation projects and system integrations meet SOX and internal compliance requirements.
• Providing 2nd Line of Defence oversight for IT control compliance and control owner attestation.
• Maintaining performance visibility in GRC dashboards and reporting tools.
• Training IT and business teams on IT Risk and Control concepts.
• Preparing management reporting on Information Security risk, control performance, and audit findings.
• Building strong partnerships with key teams, including Enterprise Risk Management, Business Continuity & Resilience, Corporate Security, Finance Internal Controls, and Internal Audit.

What we expect from you

You bring a blend of technical expertise, risk awareness, and a collaborative mindset. Specifically, we are looking for:

Qualifications & Experience

• A degree in Computer Science, Information Systems, Business, or a related field.
• 4+ years of IT experience within Information Security, IT Risk, or similar domains.
• Proficiency in English.
• Hands‑on SAP experience (ECC, S/4, GRC) including user access management, authorisations, and SOX control analysis.
• Experience managing and executing SOX IT General Controls, with strong capability in SAP control performance.
• A background in delivering audits, assessments, or compliance initiatives—BIG-4 experience is a plus.
• Experience working in large, complex, multinational environments.
• Strong analytical skills, a continuous improvement mindset, and the ability to simplify complex IT topics for business stakeholders.

Preferred Certifications

• CISM, CISSP, CISA, CRISC or similar industry-recognised qualifications.

Technical Skills

• Understanding of IT security management systems and frameworks (NIST, ISO 27001).
• Experience implementing or operating GRC workflows and SAP Process Controls (CCM).
• Strong knowledge of enterprise applications, particularly ERP and financial systems.

We recognise some people prefer not to participate in alcohol related sales, interactions, or promotions. If that’s true for you – please raise this with your talent acquisition contact who will advise you on whether this role includes activities related to our alcohol portfolio.