Ta oferta pracy jest nieaktualna od 122 dni. Sprawdź aktualne oferty pracy dla Ciebie

GRC Manager

  • Warszawa, mazowieckie pokaż mapę
  • Kierownik
  • 22.10.2018

    Pracodawca ma prawo zakończyć rekrutację we wcześniejszym terminie.

    GRC Manager
    Workplace: Warszawa
    Ref. no: WRO001PG
    As an organization jointly owned by the business and IT, the Mercury Support Team (MST) is a centralized, global organization that provides operational support for our integrated, SAP-centric platform (Mercury). As the solution continues to be deployed globally, the MST partners with the Mercury Program to support countries as they come online. Over time the team will play an integral governance role in the global solution. We will continue to work closely with the business to enable the full benefit and value to be realized from the investment and to set the future direction and technology road map.
    The opportunity:
    A Manager with the GRC team manages the execution of strategic and tactical items under the direction of the GRC Lead. This includes ensuring high quality of operational service delivery to support countries live on Mercury and systematic execution of deployment/project activities to support the Mercury Program or our continuous improvement efforts.

    Your key responsibilities:

    • Design, test, troubleshoot and maintain SAP roles across our Mercury (SAP) platform, working closely with business users, functional teams and technical teams to ensure that appropriate access controls are built into the roles
    • Monitor the SAP environments for applicable compliance, including Segregation of Duties and Sensitive transactions
    • Audit to detect deviations of established procedures, role mapping, unauthorized changes to the SAP security and report findings to management
    • Ensure that application security standards are fully integrated into systems
    • Monitor and maintain EY security policies, standards, guidelines, and procedures to ensure alignment with corporate strategic plan and supports the project team during implementation
    • Support / educate business stakeholders on SAP Business Roles , access risks and mitigating controls
    • Develop interim automated solutions for GRC application reporting through ABAP, VBA, SQL, Python, or JAVA as required by the business or the MST organization
    • Prepare project plans and ensure the completion of deliverables as required
    • Assign tasks and issues as required, monitor to ensure progress and timely completion
    • Partner with Mercury Program on deployments to ensure readiness as required
    • Advise the Program and business stakeholders on security compliance strategy matters and support enhancements or defect resolution where required
    • Drive implementation and integration of SAP GRC Access Control (AC), Business Role Management (BRM), XITing, Greenlight, and other post go live sustainment tools.
    Skills and attributes to success:
    • 10+ years of SAP Security and Role Design and Maintenance experience for the following SAP products:
      • ECC
      • CRM – C4C
      • SRM
      • BW HANA
      • Business Objects
      • CLM
      • BPC
    • Strong understanding of business processes (Record to Report, Procure to Pay, Order to Cash, Customer Relationship)
    • Excellent understanding of SAP Security Administration
    • Solid understanding of key processes and methodologies related to user provisioning, role definitions, SOD analysis for SAP systems (ECC, SRM, BPC, etc.)
    • 4-6 years of SAP GRC Access Control, specifically: 
      • Access Request Management
      • Access Risk Analysis
      • Emergency Access Management (Firefighter)
      • Business Role Management
    • AP GRC Access Controls Certification preferred
    • Experience in Using a ticketing system, logging, updating and closing tickets (and meeting SLA metrics)
    • Strong business process and risk and control background
    • At least two end to end SAP role design implementations or support experience
    • At least one complete implementation of SAP GRC 10.0/10.1 Access Control
    • Experience with major querying tools and knowledge of database concepts preferred
    • Motivated self-starter
    • Customer orientation and responsiveness
    • English language skills - excellent written and verbal communication
    • Experience working in a matrixed global environment
    What we look for:
    We are looking for people who are passionate about what they do and have a track record of making a positive difference in their business environment. Our team members must be willing to take the initiative to learn and grow, and to demonstrate strong interpersonal skills as they build effective working relationships with each other and the broader global EY organization. Given the global nature of the role, we seek team members who will demonstrate some flexibility required to accommodate meetings with colleagues in different time zones.
    If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
    Make your mark.
    Apply now.