Business Oversight Manager
75% Get Rejected
- See if your CV passes Delivery Hero's ATS filters
- Get AI-rewritten bullet points
- Download Gulf-ready CV
60 seconds. $3.99 one-time.
Company Description
HungerStation is part of the Delivery Hero Group, the worldās pioneering local delivery platform, our mission is to deliver an amazing experienceāfast, easy, and to your door. We operate in over 70+ countries worldwide. Headquartered in Berlin, Germany. Delivery Hero has been listed on the Frankfurt Stock Exchange since 2017 and is part of the MDAX stock market index.
Job Description
The Business Oversight Manager is a senior second-line-of-defense leader accountable for the structural integrity of the organizationās governance, risk, and control environment. This role independently evaluates the effectiveness of Governance, Risk & Compliance (GRC) outputs and ensures that controls across all business units are:
ā¢ Structurally sound
ā¢ Scalable with growth
ā¢ Embedded into operational workflows
ā¢ Consistently adhered to
Primary Accountabilities:
1. Enterprise Control Architecture Oversight
ā¢ Own and continuously refine the company-wide internal control framework.
ā¢ Ensure alignment with recognized standards (COSO, ISO 31000, Three Lines Model).
ā¢ Design preventive, automated, and scalable controls.
ā¢ Standardize control taxonomy and governance structures across departments and geographies.
ā¢ Define control maturity targets and monitor progression.
2. Independent Review of GRC Outputs
ā¢ Critically assess risk registers, control assessments, incident logs, compliance dashboards, and policy adherence reports.
ā¢ Challenge risk classifications, residual risk ratings, and mitigation adequacy.
ā¢ Validate control design vs. control operating effectiveness.
ā¢ Ensure risk documentation reflects true operational exposure, not theoretical positioning.
3. Cross-Functional Root Cause & Systemic Risk Analysis
ā¢ Lead enterprise-level investigations into recurring failures, financial leakage, regulatory exposure, or operational breakdowns.
ā¢ Identify structural weaknesses spanning Finance, Operations, Technology, HR, Procurement, and Commercial.
ā¢ Produce executive-level diagnostic reports linking process gaps to enterprise risk.
4. Procedure & Control Engineering
ā¢ Evaluate SOPs for clarity, enforceability, scalability, and control density.
ā¢ Redesign procedures to eliminate dependency on individual heroics.
ā¢ Embed control checkpoints within workflows and system configurations.
ā¢ Partner with Product/Tech teams to automate control gates.
ā¢ Ensure governance scales proportionately with growth and complexity.
5. Adherence Monitoring & Control Sustainability
ā¢ Establish continuous monitoring frameworks.
ā¢ Define leading indicators for control degradation.
ā¢ Design escalation matrices for repeat non-adherence.
ā¢ Validate remediation sustainability through follow-up testing.
ā¢ Prevent āaudit fatigueā and relapse cycles.
6. Executive Risk Translation & Advisory
ā¢ Translate operational control weaknesses into financial, regulatory, reputational, and strategic risk exposure.
ā¢ Align oversight with the companyās defined risk appetite.
ā¢ Provide quarterly enterprise control health briefings to executive leadership and board-level committees (if applicable).
ā¢ Advise leadership on governance implications of new product launches, market expansion, or structural changes.
Scope of Influence:
ā¢ All business units
ā¢ All operational processes
ā¢ All regulated activities
ā¢ Cross-border governance
This role operates independently of operations while maintaining constructive partnership.
Qualifications
ā¢ 8ā12 years in Internal Audit.
ā¢ Enterprise Risk Management, Operational Risk, SOX/Internal Controls leadership and Business Assurance functions.
ā¢ Demonstrated ownership of enterprise-wide control programs.
ā¢ Experience reviewing and challenging GRC frameworks.
ā¢ Strong knowledge of: COSO Internal Control Framework, ISO 31000, Risk & Control Self-Assessment (RCSA) and Control testing methodologies
ā¢ Proven ability to lead cross-functional investigations.Preferred Experience:
ā¢ Hands-on experience with enterprise GRC platforms (ServiceNow GRC, LogicGate, OneTrust, Archer).
ā¢ Exposure to SOX, SOC2, GDPR, or equivalent regulatory environments.
ā¢ Lean Six Sigma / process reengineering background.
ā¢ Professional certifications: CIA\CISA\CRMA\CPA
Requirements
- ā¢Deep understanding of Governance, Risk, and Compliance (GRC)
- ā¢Experience with internal control frameworks (COSO, ISO 31000, Three Lines Model)
- ā¢Ability to design preventive, automated, and scalable controls
- ā¢Experience in root cause analysis of systemic risks
- ā¢Skilled in evaluating SOPs for clarity and enforceability
- ā¢Familiarity with continuous monitoring frameworks
- ā¢Ability to translate operational weaknesses into financial, regulatory, reputational, and strategic risks
- ā¢Experience aligning oversight with company risk appetite
Nice to Have
- ā¢Experience in a second-line-of-defense role
- ā¢Familiarity with e-commerce or delivery platforms
Responsibilities
- ā¢Oversee enterprise control architecture and refine the internal control framework
- ā¢Independently review GRC outputs (risk registers, control assessments, dashboards)
- ā¢Conduct enterprise-level investigations into recurring failures or breakdowns
- ā¢Evaluate and redesign procedures to eliminate dependency on individual heroics
- ā¢Establish continuous monitoring frameworks and define leading indicators for control degradation
- ā¢Design escalation matrices for repeat non-adherence
- ā¢Validate remediation sustainability through follow-up testing
- ā¢Provide advisory on translating operational control weaknesses into risk exposure
Related Jobs
- See the score Delivery Hero's ATS gives your resume
- Get AI-rewritten bullet points
- Download Gulf-ready CV
60 seconds. $3.99 one-time.