Risk Consulting - Risk Technology - SAP GRC & Security - Manager

About The Position

Requirements

• 6+ years of experience in an SAP Security and GRC lead role
• Extensive hands-on experience with Design, Build, Test and Deploy Application security framework across various SAP applications i.e. SAP S/4, FIORI, ECC, ARIBA, HCM and Success Factors is required.
• Strong SAP GRC Access Control implementation experience (version 12.0 or other GRC AC technologies) with Integration knowledge of IAM tools (Saviynt, SailPoint, SAP IAG etc..) is required.
• Experience designing process to support review of Segregation of Duties (SOD)s and Critical Actions (CA); temporary emergency management, and user provisioning.
• Working experience of risk framework/ruleset design to comply with Segregation of Duties (SOD)s and Critical Actions (CA) for various business processes.
• An understanding how to assess, define and align SAP application security to the risk and controls framework.
• Ability to support multiple projects, shifting priorities, and changing environments/ landscapes is required.
• Strong skills in project management, team management, and client service
• Strong analytical, interpersonal and communication skills
• A willingness to travel to meet client needs; travel is estimated at 80%. A valid driver’s license in the US and a valid passport is required.

Nice To Haves

• A bachelor's or master’s degree in computer science, Information security, Information management systems, or related field is preferred.
• SAP HANA DB security is preferred.
• Experience with ticketing tools like Service Now (SNOW), HP ALM etc.. Is an added advantage.
• Industry related certification required (e.g., CISA, PMP, CIA, RICS); non-certified hires are required to become certified within 1 year from the date of hire.
• SAP Application Security and GRC AC certification.
• Knowledge about SAC, BTP, AI and RPA is added advantage
• Knowledge about SAP audit processes and regulatory/compliance frameworks like GDPR, JSOX, KSOX etc.

Responsibilities

• Connecting with clients to design and implement their processes into the SAP ERP through transformation journeys with Application security, GRC Access Control or similar such SaaS offerings.
• Leveraging a strong team and internal network to utilize intellectual property and lessons learned.
• Drawing upon implementation and client experiences to help clients implement a proficient design and understand how to effectively manage organizational change.
• Building strong relationships with clients to help them effectively address their complex issues.
• Designing, Developing SAP Security solutions across all SAP applications (On-prem/ Cloud/ Saas) in accordance with business requirements and security/ compliance, regulatory standards.
• Leading onshore and offshore teams throughout the project life cycle.
• Participating in SAP audit discussions (Internal & External), questions and helping resolve governance, compliance issues.
• Communicating across functions (internal and external to EY) to identify and document functional requirements.
• Keeping abreast of industry developments, practices, and trends to maintain reputation as an authoritative SAP Security and GRC expert.
• Coaching and developing teams and colleagues, providing them with the knowledge, skills, and opportunities they need to deliver.
• Identifying and managing business development opportunities.

Benefits

• Comprehensive compensation and benefits package
• Medical and dental coverage
• Pension and 401(k) plans
• Wide range of paid time off options
• Flexible vacation policy
• Designated EY Paid Holidays
• Winter/Summer breaks
• Personal/Family Care
• Other leaves of absence