Senior Manager SAP & GRC Implementation - IT Risk Services

About The Position

Requirements

• Bachelor’s or Masters degree in Computer Science degree required
• SAP Certifications
• Completion of relevant certifications (e.g., CISA, CRISC, CGEIT, ISO27001)
• 8+ years of relevant experience in assessing information technology or business process risk ideally within a large consulting practice
• Strong understanding and experience with IT General Controls and security controls audits or assessments (e.g., SOC 1, ISO 27001, NIST) is preferred
• Experience in the designing and testing of controls in different IT environments
• Ability to work both independently, with little supervision and within a team environment
• Excellent written and oral communication skills, able to effectively express insights
• Demonstrated ability to learn and succeed in a fast-paced environment
• Attention to detail and strong organization and analytical skills
• Strong understanding of business and audit risks
• Willingness and ability to travel both within Canada and internationally

Responsibilities

• Work on SAP Security Access and Role Authorization, Controls and SAP GRC related engagements
• Support the delivery of SAP S/4 HANA project implementations mostly on a greenfield approach while being able to capture role design requirements (for S/4 HANA, SAP Analytics Cloud (SAC), SAP Landscape Transformation Replication Server (SLT), SAP Master Data Governance, SAP C4C, etc.) and the Security by design concept to build (Master, Derived, and Fiori) roles.
• Create workflows in Emergency Access Management, update rule sets, and create roles via GRC.
• Develop functional test scripts and be able to track defects and find timely resolutions.
• Develop training content for GRC, role assignments, and periodic reviews.
• Engagement risk management: quality assurance through file review, engagement planning, development and monitoring, engagement profitability - Simultaneously deliver multiple client engagements of varying size, scope, and complexity.
• Business development: taking a proactive role in the business community to increase awareness of the firm's services and level of commitment to the local market, developing and maturing relationships with internal staff and clients, developing proposals, identifying and pursuing opportunities to increase the practice's penetration in the public and private sector.
• Service Delivery: conducting research, performing technical testing, writing reports, conducting interviews, and communicating regularly with clients and resources.
• Guiding field engagement teams as well as coaching and mentoring junior staff members.