Digital Risk Solutions Senior Associate

About The Position

Requirements

• Bachelor’s or Master's degree in Business, Information Technology, Finance, Data Science or Computer Science degree required
• Strong hands‑on expertise in SAP S/4HANA Security, Fiori Security, and SAP GRC access control are required
• Deep understanding of SAP’s Segregation of Duties (SoD), internal controls, and compliance requirements (e.g., SOX)
• Experience and knowledge of controls integration, security design/implementation and GRC integration related to SAP S/4 HANA, SuccessFactors, BTP, workzone, Ariba, SAP GRC process control and risk management modules are an asset.
• Relevant experience, including key areas such as Consulting (e.g. SAP S/4HANA implementation, BTP security configuration, IAG implementation, project management, IT consulting, risk consulting, cyber security, etc.), Assurance (internal and/or external audit) or relevant industry roles (e.g. risk management, IT, cyber security, finance and accounting, project management, system implementation)

Nice To Haves

• Completion of relevant certifications (e.g. CISSP, PMP, CRISC, CISM or CISA designation) is an asset
• Certifications from SAP (e.g. SAP S/4 HANA, BTP administrator, SuccessFactors, Ariba, SAP Governance, Risk and Compliance (GRC)) is an asset.
• Implementation and configuration experience on process control and risk management modules of SAP GRC is highly appreciable.

Responsibilities

• Work on large-scale technology transformation projects across end-to-end SAP transformations
• Provide risk advisory services to clients in key technology areas such as SAP S/4 HANA, BTP Security, IAG, SuccessFactors, Ariba, SAP Governance, Risk and Compliance (GRC), primarily focused on:
• Design SAP Security and SAP GRC frameworks from the ground up in greenfield and brownfield S/4HANA implementations
• Implement end‑to‑end SAP security design, including: Role concept and role naming standards, Authorization object design and access strategy and Fiori catalog, group, and role design
• Technically build SAP S/4HANA roles as per the design and approach established
• Address any access issues / authorization issues identified during implementation phase.
• Perform security assessments on the role design of the client system and provide recommendation or remediations suggestion.
• Define, configure, and implement process control and risk management modules of SAP GRC.
• Design and develop SAP BTP security (role collection) and integrating IAG with on premise SAP GRC.
• Configure and integrate on premise SAP GRC to IAG bridge to cater to hybrid SAP landscape.
• Experience supporting audits, access reviews, and control testing is an added asset
• Ability to balance security, compliance, and business enablement
• Clear communication with technical, functional, and business stakeholders
• Bring strong leadership and project management skills to engagement teams, working in dynamic and cross-functional teams for large-scale and multi-national engagements
• Define, configure, and implement SAP GRC Access Control aligned to the target SAP landscape, including:
• Access Request Management (ARM): Design and configure end‑to‑end access request processes, including workflow design, MSMP configuration, BRF plus rules, user access provisioning, and Segregation of Duties (SoD) check stages
• Access Risk Analysis (ARA): Configure ARA framework, including risk ruleset design and customization, definition of Segregation of Duties (SoD) frameworks, and development of mitigation strategies
• Emergency Access Management (EAM): Configure the EAM module and design Firefighter processes to ensure controlled and auditable emergency access
• Business Role Management (BRM): Design and configure BRM to support role lifecycle management and alignment with target role design standards

Benefits

• competitive compensation package
• inclusive benefits
• flexibility programs