Business Controls Manager - Advisory

BAT is evolving at pace into a global multi‑category business. Our purpose is to create A Better Tomorrow™ by Building a Smokeless World. To achieve our ambition, we are looking for colleagues who are ready to join us on this journey! Tomorrow can’t wait, let’s shape it together!

British American Tobacco DBS has an exciting opportunity for a Business Controls Manager - Advisory in Sunway City, Selangor

Your main responsibility includes supporting BAT’s Risk Management & Governance Framework (SOx compliance, testing, and reporting), including project advisory. You would also lead and manage IT SOx Design and Operating Effectiveness for BAT IT processes, with emphasis on IT Automated Controls (ITAC) and IT General Controls (ITGC). Deliver Internal Controls Assurance using structured tools and techniques, focusing on IT applications, automation, and continuous improvement. Provide controls advisory on key IT transformation projects, including S/4HANA, to ensure robust risk management and control practices. Manage outsourced testing teams to ensure high‑quality SOx and controls assurance activities, acting as part of the second line of defense.

• Champion the Business Controls Team’s role as the second line of defense, supporting the delivery of BAT’s Internal Controls Framework and the Three Lines of Defense model
• Provide controls advisory for new and upcoming projects, including end‑to‑end process and control understanding, covering system architecture, data flows, control points, and dependencies
• Control design advisory, ensuring new controls are fit‑for‑purpose, aligned to SOx and BAT policies, and support scalable compliance
• Control readiness assessments prior to go‑lives or major breakthroughs, identifying design gaps, remediation needs, and implementation risks
• Data migration control review, ensuring lineage, reconciliation, completeness & accuracy controls are in place, and validating cutover documentation and evidence
• Continuous guidance to project teams to embed controls early ('shift left') and reduce post‑implementation risks
• Ensure all controls assurance activities, documentation, and SOx testing are delivered in line with BCT Methodology, Auditing Standards, and standard processes, enabling reliance from External Audit
• Provide expert advisory and recommendations to control owners and business partners, supporting effective remediation, continuous improvement, and strong risk management practices
• Champion automation and AI initiatives, driving control simplification and reducing complexities while meeting compliance requirements
• Manage and coach outsourced testing partners and internal team members, delivering training and feedback to build global internal controls capability and performance
• Collaborate with third‑party auditors to facilitate smooth audit processes and timely resolution of audit queries
• Support management reporting, including preparing papers and presentations for steering committees and audit committees
• Develop and implement KPIs for measuring compliance performance, and champion the use of dashboard analysis and reporting to drive actionable insights
• Work collaboratively with key business partners and all three lines of defense to ensure smooth conduct of audit‑related testing and remediation activities

• Degree educated or professional Internal Controls qualification (e.g., CISA, CISSP, CIA, ACCA, SAP certification in Financial Accounting module / S/4 Finance or equivalent)
• 5+ years IT risk, internal controls or audit experience with significant accounting firm or corporate industry experience
• Experience in global FMCG, Big4 or similar dynamic operating environment is advantage
• Proven experience in IT audits and business process controls across complex systems such as SAP ECC, S/4HANA Finance, and GRC solutions; skilled in identifying control gaps and driving improvements, including understanding of GRC SOD Rulesets
• Hands‑on expertise in IT General Controls (ITGC) and IT Automated Controls (ITAC), including design, assessment, and testing across domains (access, program change, program development, computer operations, cybersecurity)
• Proven experience in internal or external audit, SOx testing, and the ability to identify control gaps and recommend practical solutions
• Experience working in or with Big 4 accounting firms, or in similarly dynamic, global environments
• Demonstrated ability to provide controls advisory to project teams, especially during major system implementations, ensuring robust automated controls are designed, tested, and embedded
• Experience in reviewing outsourced IT operations and assessing Third‑Party Assurance reports (e.g., SOC reports) for adequacy and impact
• Ability to contribute to continuous control optimisation initiatives, including automation, AI, and control simplification, within the risk and control framework
• Strong knowledge of internal controls practices, principles, procedures, and corporate governance requirements for a global organisation, including Internal Controls over Financial Reporting (ICoFR)
• Experience managing teams, including coaching, developing, and building high‑performing internal controls or audit teams, especially in ITAC controls environments
• Critical problem‑solving skills and a keen interest in analysing business data with attention to detail
• Proven leadership and ability to work collaboratively with key business partners and all three lines of defense to ensure smooth conduct of audit‑related testing and remediation activities

• We offer a market leading annual performance bonus (subject to eligibility)
• Our range of benefits varies by country and includes diverse health plans, initiatives for work‑life balance, transportation support, and a flexible holiday plan with additional incentives
• Your journey with us isn’t limited by boundaries; it’s propelled by your aspirations. Join us at BAT and become a part of an environment that thrives on internal advancement, where your career progression isn’t just a statement – it’s a reality we’re eager to build together. Seize the opportunity and own your development; your next chapter starts here.
• You’ll have access to online learning platforms and personalized growth programs to nurture your leadership skills
• We prioritise continuous improvement within a transformative environment, preparing for ongoing changes

We’re one of the few companies named as a Global Top Employer by the Top Employers Institute – certified in offering excellent employee conditions.

Collaboration, inclusion and partnership underpin everything we do here at BAT. We are looking forward to enabling every individual to thrive, regardless of gender, sexual orientation, marital or civil partnership status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability, age, skills, experience, education, socio‑economic and professional background, veteran status, perspectives and thinking styles. We know that embracing talent from all backgrounds is what makes us stronger and best prepared to meet our business goals.

We see the career breaks as opportunities not obstacles. Through The Global Returners program, we support professionals looking to restart their careers after an extended absence from the workforce (i.e. time out caring for family, parental leave, national service, sabbatical and/or starting an own venture).

Come bring your difference and see what is possible for you at BAT. Learn more about our culture and our award‑winning employee experience here.

If you require any reasonable adjustments or accommodations to help you perform at your best during the recruitment process, you are encouraged to notify us. We are fully committed to support you by making appropriate arrangements for you to demonstrate your full potential.