Key Responsibilities:
Control Execution:
- Perform regular IT General Control (ITGC) activities across SAP systems (user access reviews, change management, system monitoring)
- Adhere to CPCP deadlines, considering month/quarter end
- Monitor and document SAP configuration changes to ensure IS compliance
Access Management:
- Review user roles, authorizations, and SoD conflicts in SAP
- Support SAP access provisioning and de-provisioning aligned with internal policies
- Ensure critical transactions are restricted and logged
Change Management:
- Validate SAP transport management process compliance
- Ensure all system changes follow change control procedures (approvals, testing, documentation)
- Support audits of development and production environments
Compliance & Audit Support:
- Prepare documentation for internal and external audits and IS management testing
- Assist in remediating audit findings and control deficiencies
- Liaise with auditors, IT security, internal audit, and GRC teams
Reporting & Continuous Improvement:
- Maintain up-to-date control evidence repositories
- Track performance metrics, escalate control failures
- Recommend improvements to SAP ITGC control framework
Required Qualifications:
- Bachelor's degree in IT, Computer Science, Accounting, or related field
- 35 years in IT control execution, compliance, or audit, preferably SAP
- Strong SAP system knowledge (ECC, S/4HANA, BW, GRC)
- Familiar with SOX, GDPR, COSO, COBIT, NIST
Preferred Qualifications:
- Experience with SAP GRC Access Control, Process Control, Risk Management
- SAP or IT risk certifications (CISA, CRISC, SAP Security)
- Experience with audit lifecycle and auditors
- Hands-on with SAP Solution Manager, GRC tools, and ticketing systems
Key Competencies:
- Detail-oriented and accurate in control tasks
- Integrity and discretion with sensitive data
- Strong organization and time-management
- Team player with cross-functional collaboration skills
- Problem-solving focus on compliance and process efficiency
