GRC System Controls Sr. Analyst


Madison, WI

Industry: Manufacturing


Less than 5 years

Posted 79 days ago

  by    John Melillo

This job is no longer available.

GRC | System Controls Sr. Analyst – GRC, Corporate Finance

Job Responsibilities

A valuable member of the GRC | System Controls team will be dedicated to:

·      SAP GRC Access Controls and Security implementations for SAP S4 HANA and Central Finance projects:

o  Collaborate with IT personnel and implementation partners to extend GRC AC processes during SAP S4 HANA and Central Finance implementations

o  Manage general IT control objectives in the area of SAP security

o  Assist with daily and monthly segregation of duties (SOD) activities 

o  Work closely with the GRC | System Controls, Security lead on ongoing S4 HANA deployments

o  Review changes in security and assess changes for GRC rule set inclusion

o  Design test plans and conduct testing for GRC rule set changes / routine checks

o  Administer GRC business roles (including adding new or changing existing GRC business roles) during ongoing S4 HANA deployments 

o  Support provisioning to multiple SAP platforms including Fiori-based access provisioning through GRC

o  Assist with the creation and maintenance of semi-annual user access reviews for the S4 HANA environment 

o  Assist with the design and implementation of sensitive access rule sets 

o  Manage modifications to a global business process owner structure to comply with ongoing SAP implementations and GRC AC provisioning processes

·      SAP GRC Access Controls sustaining model:

o  Provide expert assistance to current team members on SAP security change management procedures:

  •  Detailed review of standard and custom transactions for proper placement in SAP GRC rule set and SAP global security design Execute role level SOD conflicts

o  Assist with the development of test scenarios, scripts, and data for new or changed application functionality

o  Develop and deliver documentation and training as needed to ensure proper system usage and understanding

Required Skills

·      Experience with SAP GRC Access Controls 10.0 or 10.1 (3 years) including the following modules: Account Request Management (ARQ), Emergency Access Management (EAM), and Access Risk Analysis (ARA)

·      Experience with internal control, audit, SOX compliance with a strong background in IT controls; preferably with a "Big 4" 

·      Desire to enhance / transform / automate manual processes

·      Strong understanding of Sarbanes-Oxley (SOX) and other compliance requirements that may impact SAP security

·      Experience in SAP security designs, knowledge of segregation of duties concepts, sensitive access and experience in user access security 

·      Above-average written and verbal communication skills, including documentation of findings and recommendations

·      Ability to work in a team environment and with all levels of management through strong communication skills 

·      Strong organization skills

·      Project management skills ideal

·      Ability to effectively mentor less experienced team members and project team members on SAP compliance

Desired Skills:

·      Industry experience is a plus 

·      Experience performing SAP internal control reviews in the context of security, business and IT controls

·      Basic understanding of GRC Process Controls is a plus

·      Basic understanding of SAP modules including FICO, MM, SD, and Basis 

·      Advanced knowledge of Microsoft Excel

·      Knowledge of MS Access a plus

Educational Requirements:

4-year college degree, Finance or IT major preferred

$80K - $100K