Key Responsibilities
IT SOX Compliance:
Lead the assessment, documentation, testing, and monitoring of IT SOX controls.
Collaborate with internal and external auditors during SOX audits, providing required artifacts
and explanations.
Ensure that all IT controls related to SOX are appropriately designed and operating effectively.
Ensure proper access controls and segregation of duties (SoD) are maintained.
Conduct regular security audits and access reviews, and ensure compliance with internal and
external audit requirements.
Collaborate with the IT and functional teams to develop and implement security best practices
and solutions.
Monitor SAP GRC Access Control, including user provisioning, access risk analysis, emergency
access management (EAM/Firefighter), and periodic role review processes.
Configure and optimize the GRC Access Control tool to improve workflows, monitoring, and
reporting for SoD and risk management.
Work closely with the audit teams to ensure GRC tool configurations align with organizational
policies and regulations such as SOX.
Analyze and mitigate SAP security risks through proactive monitoring and reporting.
IT Risk Management:
Identify, assess, and document IT-related risks and ensure appropriate mitigating controls are in
place.
Develop and maintain the IT Risk & Control framework, including performing risk assessments
and developing remediation plans for any identified gaps.
Policy & Procedure Management:
Assist in creating and updating IT policies, procedures, and standards to ensure compliance with
SOX and other regulatory requirements.
Ensure adherence to company-wide IT compliance policies.
IT General Controls (ITGC):
Monitor and validate ITGC, including access controls, change management, system operations,
and backup/recovery processes.
Ensure that privileged access to systems is properly controlled and monitored.
Compliance Monitoring & Reporting:
Develop and maintain compliance dashboards, reports, and metrics for senior management.
Proactively monitor and report on the effectiveness of controls and provide recommendations
for improvements.
Provide leadership and guidance in vendor and resource management, budgeting, and technical
improvements.
Conduct training sessions on SAP Security, GRC, and related topics for team members and
stakeholders.
Represent in CTO boards for the entire Tech Function.
Qualifications
Bachelor's degree in Information Technology, Computer Science, or a related field. Master's
degree or relevant professional certifications (e.g., CISA, CRISC, ERP-specific certifications) are
preferred.
SAP GRC AC 12.0 certification or equivalent.
Minimum of 12-15 years of experience in SAP Security, GRC, audit, and compliance.
Hands-on experience managing IT SOX compliance and a strong understanding of SAP Security
concepts, including role design, authorization management, and user provisioning.
Experience with SAP S/4 HANA Security, SAP IAG, and other SAP solutions.
Proven track record in managing SAP Security and GRC teams, conducting audits, and driving
process improvements.
Excellent communication, leadership, and stakeholder management skills.
Proficiency in project management methodologies such as Scrum, Agile, and outcome-based
approaches.
Proficiency in various security tools, including CyberArk, SailPoint, SAP GRC, Archer, Splunk, and
Imperva, with the ability to effectively utilize them in ERP security and compliance activities.