Person, Face, Man, Accessories, Accessory, Glasses, Portrait, Photography, Selfie

GRC Business Partner

Bristol, England, United Kingdom

GRC Business Partner

  • NE03229
  • Bristol, England, United Kingdom

About us

We're a truly international company, fourth largest in our industry and operating across 120 markets. An inclusive, innovative global FMCG business supported by over 27,500 employees. As we embrace a new era of growth, we are transforming. Our ways of working and culture are driven by a challenger mindset, constantly questioning the status quo. Our agility and entrepreneurial spirit, alongside award winning development programmes, enable innovation and success while creating exciting and rewarding career choices.

As we move forward, our customers will be at the heart of what we do, evolving to needs and expectations and committing to a more meaningful contribution to harm reduction by building a successful NGP business. Integral to our long-term success is our sustainability strategy, behaving responsibly and supporting our ambitions, all underpinned by high governance.

Encouraging inclusion at local levels and supporting a developing and robust diversity agenda globally, we’re fully committed to creating and maintaining an environment that celebrates and respects difference.

The role

This role will develop and maintain the Group’s internal control framework, ensuring that risks are mitigated in an effective and consistent manner. The role will effectively interact with 2nd Line functions as well as being part of formulating the evolution of Imperial’s control mechanisms and governance processes and will help drive major change initiatives to facilitate the design and implementation of appropriate control mechanisms and governance processes to pragmatically reduce risk.
Furthermore, this role supports the bottom-up risk assessment activities across an allocated area of the Group to support the Group’s wider risk assessment process and acts as a single point of contact towards 1st Line leadership on all Governance, Risk & Compliance related topics.

There has been a clear recognition by the Group’s Board that a robust and consistently applied risk management framework is essential to the success of the Group and as result we are now strengthening our existing capabilities by establishing a dedicated Governance, Risk & Compliance (GRC) function to bring together the required expertise into a single function consisting of both risk framework and control framework capabilities.
The GRC CoE will promote and support good practice risk identification, assessment, and pragmatic yet effective mitigation of relevant risks throughout the Group within its existing operations as well as part of the various change initiatives the Group is undergoing. The GRC CoE intends to ensure an effective and consistent control framework which can be executed upon globally by colleagues across the business, ensuring accountability in the business which will leverage the support of the CoE to implement a framework and controls developed by the CoE. The evolution of GRC, which the incumbent will help shape and participate in, will require the incumbent to be flexible and open to change as things develop.
The incumbent will be required to work effectively with members of the GRC CoE, the wider GRC community and other stakeholders to ensure not only effective development and deployment of our risk management and internal control framework, but also to support the creation of tools and methods to facilitate the ability to an holistic view of effectiveness of deployment and any major themes for addressing from a group, regional, cluster or business “vertical” perspective.

Key accountabilities

Within an allocated area of the business (1st Line) and allocated areas of central CoEs (2nd Line):

Risk Assessment

  • Perform the semi-annual bottom-up 1st Line risk assessment process, including agreement on key risks at local and regional levels with respective leadership teams.
  • Support the GRC Risk Manager in the Group wide consolidation of risk assessment outputs across 1st and 2nd line areas as input into the final top-down risk assessment process and subsequent external reporting processes.
  • Maintain the risk universe and related risk models for allocated 2nd line areas.

Define Risk Mitigation

  • Support 1st Line operations and 2nd Line functions in identification of appropriate risk mitigation approaches as a result of local risk assessments as well as identifying appropriate control effectiveness indicators (KCIs).
  • Coordinate and support the definition, creation and communication of risk relevant group policies, standards & procedures and develop related content for the Group Controls Matrix (“GCM”).
  • Together with the other GRC Business Partners, define and agree required GCM updates including any materiality requirements to ensure an effective yet efficient internal control framework.
  • Identify risk mitigation effectiveness indicators and support 1st line in implementing related monitoring approaches.
  • Perform process level risk analysis and related control design and participate in relevant projects and programmes to support the effective embedding of internal control within its deliverables.

Risk Monitoring

  • Develop and review Key Control Effectiveness Indicators with risk owners.
  • Support the KRI reporting process across allocated 2nd Line units.
  • Review compliance assessment results, analyse variances and perform impact assessment.
  • Work closely together with the Compliance Centre of Capability within GBS to understand mitigation effectiveness of operational and compliance risks.
  • Support (re)development of risk mitigation activities to improve design effectiveness.

Provide Assurance over Risk Management

  • Facilitate the identification of existing 2nd and 1st line assurance capabilities or assurance gaps (i.e. “assurance mapping”) and identify necessary improvements.
  • Review results of assurance activities and assess impact on mitigation effectiveness positions
  • Consolidate results of assurance activities across 1st, 2nd and 3rd line to obtain a holistic view of risk mitigation effectiveness and provide transparent reporting in relation to this.

Skills & Experience


  • Qualified Accountant (ACA, CIMA, ACA or equivalent international qualification or 4+ years’ experience in risk, internal control and/or risk assurance related roles
  • University degree in business or finance or equivalent.
  • Ability to lead across large, complex, and global corporate network, partnering & delivering effectively with other teams globally
  • Excellent relationship building experience, influencing skills, and experience of working with senior level managers/executives across a large, complex, matrix organisation
  • Proven commercial acumen through pragmatic approach to the treatment of risk
  • English fluent, both spoken and written.
  • Experience of working


  • Professional Certifications in Risk, Control or Audit
  • Big 4 or Risk Consulting experience
  • Demonstrable experience of operating across multiple geographies and cultures.
  • Demonstrable experience and understanding of a broad range of business functions and processes and their operational challenges


What we offer

Imperial Brands offer a competitive package of salary, bonus scheme, pension and 25 days holiday (with an additional 4 days on top to cover the Christmas period and bank holidays) and hybrid work.

Next steps

Interested applicants should apply with their CV highlighting their suitability for the role. 

Apply Now

Alert me about jobs like this

Not You?

Thank you


The year Imperial was founded through the
coming together of 13 UK family-run


Imperial employees worldwide


Number of markets worldwide in which our products are sold