SAP Security & GRC Consultant

Our customer is one of the lead retail merchandising companies in US and Europe. The group is about to start using SAP GRC for a variety of functionalities and trying to further extend the SAP authorizations team with an experienced GRC person. Within a complex, continuously evolving and challenging environment, with a variety of different SAP systems & applications, GRC system will play a key role on identifying & mitigating risks. The candidate will join a team of 3 long-term employees and industry professionals currently focused on SAP and HANA authorizations and will be responsible for the GRC environment. The goal of this function will be to run, maintain and further improve processes within the GRC system. The system will be used by 4 operating companies for the full IT & business population.

• 6+ years of excellent knowledge in SAP GRC and specifically in AMR, EAM & PMU modules, with experience in enterprise scale implementations
• Knowledge and excellent understanding of risks and controls (design and implementation)
• Good understanding of SOD’s
• Knowledge of SAP authorization concept – Role design, implementation & development of roles
• S4 Hana authorizations knowledge
• Excellent communication and interpersonal skills and the ability to work autonomously
• Excellent knowledge of English
• Graduate IT (Bachelor) or equivalent by experience

• Execute in predefined timeframes the risk review process and follow up on its completion
• Maintain GRC master data (Risk Owners, co-ordinators, mitigating controls)
• Setup/configure system when new operating companies or new systems are introduced
• Update/maintain GRC ruleset
• Provide end user support & troubleshooting
• Analyse identified risks and propose risk mitigation actions
• Support risk owners on performing risk analysis
• Run and document related controls
• Design and implement authorizations and role changes
• Ensure all these activities are executed within the agreed planning and budget, and continuously stay focused on delivering high quality solutions
• Follow the Change management and Life cycle management policies and procedures of the customer