Manager, Technical Product Management

McDonald's Corporation•Chicago, IL

27d

About The Position

The Manager for SOX Compliance will manage and govern SOX-related IT applications, focusing on Access Management, Change Management, Segregation of Duties (SOD), and remediation of deficiencies identified by internal and external audits as it relates to GI Mod (Global Indirect Modernization) using SAP Ariba software. This role requires a strong understanding of SOX requirements, IT controls, and audit methodologies, as well as the ability to provide strategic recommendations and implement corrective actions to ensure compliance and mitigate risks. GI Mod is a global transformation that establishes a new Indirect Sourcing and Procurement operating model and implements “One McDonald’s Way” for indirect sourcing and procurement worldwide. This role reports to the Sr Manager Technical Product Management and partners closely with cross‑functional leaders to ensure SOX compliance on the SAP Ariba software.

Requirements

Minimum of 4 years of experience in IT audit, SOX compliance, or a related field.
Strong knowledge of SOX requirements, IT general controls, and audit methodologies.
Experience with SAP Ariba.
Proven ability to plan, execute, and deliver complex programs with measurable business outcomes.
Strong communication and presentation skills.
Demonstrated success leading cross‑functional, multi‑team initiatives.
Strong organizational skills with the ability to balance strategic thinking and attention to detail.
Proactive, resilient, and adaptable leader with a continuous‑improvement mindset.

Responsibilities

Execute the IT SOX compliance operating model for the SAP Ariba application, maintaining standards, governance routines, and metrics that support sustained adherence to internal control requirements.
Lead access governance and periodic user access reviews for SAP Ariba (joiner/mover/leaver, privileged access, recertifications): drive schedules, coordinate stakeholders, ensure segregation of duties, follow up on exceptions, and confirm timely remediation with audit-ready evidence.
Manage vulnerability remediation for SAP Ariba in scope for SOX: support prioritization, coordinate plans, validate closure evidence, and provide risk and progress reporting to senior leadership.
Manage SOX-related IT change management controls for SAP Ariba by monitoring adherence to process requirements, validating approvals and evidence, and driving root-cause analysis and corrective actions for deviations.
Maintain and enhance Segregation of Duties (SOD) controls for SAP Ariba, including conflict analysis, compensating controls documentation, monitoring, and coordination of remediation to reduce fraud and error risk.
Support the senior manager in defining and executing the IT SOX roadmap for SAP Ariba (e.g., access management, change management, evidence automation) by developing plans, tracking dependencies, and surfacing risks and resource needs.
Coordinate with Privacy, Security, and Legal partners on regulatory requirements (e.g., GDPR, PII) to ensure they are reflected in Ariba control design, risk assessments, and audit evidence for in-scope processes.