Security Manager - Ernst & Young

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.

As part of our EY UK Risk Consulting team, you'll contribute technically to SAP Security & GRC client engagements and internal projects. An important part of your role will be to assist Seniors while actively participating within the client engagement. Similarly, you'll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY commitment to quality, you'll confirm that work is of high standard. As a member of the team, you'll help to create a positive learning culture and assist fellow team members while delivering an assignment.

We're looking for people with expertise in SAP Security and GRC to join our Risk Consulting team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of the service offering.

• Solid consulting/auditing experience, including 3-4 end-to-end SAP GRC implementation projects.
• Strong understanding of SAP (S/4 HANA) authorization concepts, user roles, profiles, and best practices.
• Expertise in role design and building roles, profiles, and authorizations for On-prem and cloud SAP systems (e.g., ECC, S/4HANA, BW).
• Proficient in SAP GRC Access Controls and Identity Access Governance (IAG), including configuration and implementation for auto provisioning and access risk management.
• Knowledge of segregation of duties (SOD) requirements, risk rulesets, mitigation controls and compliance aspects.
• Understanding of business processes, controls frameworks, compliances, and regulations in an SAP ERP environment.
• Expertise in SAP GRC Process Control design, configurations, and complex functional processes and workflows across different versions.
• Experience in designing and building SAP GRC PC CCM business rules, master data setup, and conducting GRC Process workflow assessments.
• Experience on GRC Process workflow Assessments of Internal Controls, Issues & Remediation plans, Ad-hoc issues, Survey Assessment, and Policy Management.
• Ability to assess risks, conduct root cause analysis, and implement effective solutions for SAP Security issues.
• Excellent verbal and written communication skills, with the ability to lead discussions and collaborate effectively with teams.
• Ability to work independently under tight timelines in a client-facing role while maintaining professionalism.
• Understanding of IT Controls for S/4 HANA and other relevant SAP application suite.

• Aid the team in various project phases, including problem definition, diagnosis, technical design, and deployment of SAP Security & GRC solutions.
• Collaborate effectively as a team member, providing support and maintaining communication with senior team members on task progress.
• Conduct research and assist in preparing client presentations and information memorandums.
• Strive to exceed client and team expectations while working on complex assignments.
• Develop and maintain productive working relationships with clients and onsite personnel.
• Prepare project documentation and ensure adherence to the software development life cycle and quality protocols.