GRC Analyst - Supervising Associate
Ref no: WRO001D2
Finance Infrastructure is an internal EY Finance organization that is part of EY’s Global Controllership. Finance Infrastructure helps support several key Finance Products including Mercury (which is EY’s SAP centric platform supporting Customer to Cash processes).
Finance Infrastructure is part of the Mercury Support Team (MST) which is an organization jointly owned by the business and IT. The MST is a centralized and global organization that provides operational support for an integrated, SAP-centric platform (Mercury) and manages and supports the Mercury user community. The MST plays an integral governance role in the global Mercury solution and will evolve to work closely with the business to enable the benefit and value to be realized from the investment in Mercury and to set the future direction and technology road map.
The analyst supports GRC Lead and manages adherence to the access controls and process controls framework for the Mercury Support Team (MST) on a hub-by-hub basis. Your key responsibilities:
- Work closely with the Functional Teams and Technical Teams as well as the business and off shore support teams to ensure Segregation of Duties (SOD) and critical actions are understood and appropriately built into the roles
- Ensures that application security standards are well integrated into systems
- Monitors and maintains SAP application security policies, standards, guidelines, and procedures that are in alignment with the corporate strategic plan and supports the project team during the implementation
- Manage multiple requests/ projects and escalate issues as they arise
- Responsible for implementation and integration of SAP GRC Access Control (AC) and other post go live sustainment tools
- Work with the business managers in refining risk and mitigating controls
- Support / educate business stakeholders on access risks and mitigating controls
- Understand compliance related issues as it relates to SAP business roles
- Analyse information across multiple groups, identifying risks & issues, and proposing sustainable solutions
- Monitor the SAP environments for applicable compliance, including but not limited to Segregation of Duties and Sensitive transactions
- Audit to detect deviations of established procedures, role mapping, unauthorized changes to the SAP security and report findings to management
Skills and attributes to success:
- Bachelor’s degree in computer science or a related discipline (or equivalent work experience) with strong communicative English
- 5-8 years of SAP GRC Access Control, specifically:
- Firefighter hands on experience (Super User Management)
- Access Request Management
- Risk Analysis
- Business Role Management
- Experience with the entire SAP GRC Suite, specifically:
- Access Controls
- Process Controls, etc.
- SAP GRC Access Controls Certification preferred
- Excellent understanding of SAP Security Administration
- Experienced and comfortable working with culturally diverse outsourced on/offshore staff for Project work and Production Support (Run) service delivery
- Solid understanding of key processes and methodologies user provisioning, role definitions, SOD analysis for SAP systems (ECC, SRM, BPC, etc.)
- Experience in Using a ticketing system, logging, updating and closing tickets (and meeting SLA metrics)
- Strong business process and risk and control background
- Excellent problem solving and decision making skills
- Proven track record of success as a support team member
- Ability to operate in a dynamic, fast moving and changing environment
- Ability to operate in a global matrix environment
- At least one complete implementation of SAP GRC 10.0/10.1 Access Control
- Experience in project/ change management, configuration management would be a plus
- Experience with major querying tools and knowledge of database concepts preferred
- Ability and flexibility to work in a virtual environment across multiple time zones
What we look for:
We are looking for people who are passionate about what they do and have a track record of making a positive difference in their business environment. Our team members must be willing to take the initiative to learn and grow, and to demonstrate strong interpersonal skills as they build effective working relationships with each other and the broader global EY organization.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Make your mark.