Job Title: SAP GRC and Security Manager
Location: Hybrid. Must be open to travel 1 day a week to Reading
Duration: 10 months
Start Date: End of Jan 2025/Early Feb 2025
Deloitte
Working with the Deloitte Associate (Contractor) Programme means we can offer you the opportunity to work on a variation of industry and client related projects. Our aim is to retain the best talent and so when your project end date nears our team of Talent Community Advisors will be working with you to look at alternative projects within the firm that suit your experience should you wish to continue with Deloitte.
About the Role
We are seeking an experienced and highly motivated SAP Security & GRC Manager to lead and oversee our SAP Security operations and Governance, Risk, and Compliance (GRC) initiatives. You will play a crucial role in designing, implementing, and redesigning security roles, Identity and Access Governance for cross-platform ecosystems while maintaining secure and compliant SAP environments across the organisation.
Responsibilities:
Develop and implement the SAP security and GRC strategy, policies, and procedures to protect the integrity and confidentiality of enterprise SAP systems.
Lead the design, configuration, and implementation of SAP GRC modules, including Access Control (AC) and Identity Access Governance (IAG).
Oversee SAP Security during implementations, ensuring compliance with regulatory requirements and internal security standards.
Define and enforce policies for user role and authorization management, ensuring the principle of least privilege and segregation of duties (SoD).
Lead GRC activities, such as user access reviews, segregation of duties (SoD) analyses, and policy compliance reviews.
Conduct risk assessments to identify and mitigate potential SAP security risks across all modules, including S/4HANA, Fiori, and other SAP applications.
Manage and mentor a team of SAP security specialists, fostering their growth and ensuring high-quality performance.
Work closely with IT, Audit, Compliance, and Business teams to align SAP security controls with business needs and compliance requirements.
Collaborate with functional and project teams to ensure the alignment and fulfilment of security requirements.
Qualifications:
Extensive experience with SAP Security architecture and implementation.
Proven expertise in implementing SAP GRC solutions, specifically Access Control (AC) and Identity Access Governance (IAG).
Strong project management experience, with a proven track record of successfully delivering large-scale projects for enterprise clients.
Deep understanding of SAP security best practices, regulatory requirements (e.g., SOX, GDPR), and industry standards.
Excellent communication, interpersonal, and stakeholder management skills.
Strong analytical and problem-solving abilities.
Desired Skills:
Experience with S/4HANA security.
Familiarity with SAP Fiori security.
Relevant certifications in SAP Security and GRC
IR35
As a means of managing tax, commercial and reputational risks, Deloitte prohibits the use of Associates through Personal Service Companies (‘PSCs’). All Associates must contract under PAYE arrangements through a Deloitte approved ‘Employment Company’ (aka ‘umbrella company.’)
Copyright © 2024