EY
Risk Consulting - Risk Tech - SAP GRC & Security - Manager
EY, Los Angeles, California, United States, 90079
Risk Consulting - Risk Tech - SAP GRC & Security - Manager
Join EY as a Risk Technology Manager focusing on SAP Application Security and Governance, Risk and Compliance (GRC). This role leverages business tools and methodologies to serve sophisticated clients across multiple industries.
Opportunity Our Risk Technology practice is expanding as client needs grow and SAP is a strategic investment focus area for EY. The role offers strong career progression in a culture built on knowledge, people‑oriented collaboration, and diverse teams.
Your Key Responsibilities
Connect with clients to design and implement processes into SAP ERP, including Application Security, GRC Access Control, and SaaS offerings.
Leverage EY intellectual property and lessons learned to guide implementations and manage organizational change.
Build strong client relationships to address complex risk and security issues.
Skills and Attributes for Success
Experience deploying large‑scale, cross‑functional, globally distributed SAP transformation projects with deep knowledge of Application Security and SAP GRC Access Control.
Design, develop SAP Security solutions across all SAP applications (On‑prem, Cloud, SaaS) meeting regulatory and compliance standards.
Leadership experience managing onshore and offshore teams throughout the project lifecycle.
Participate in SAP audit discussions (internal & external) and resolve governance and compliance issues.
Communicate functional requirements across internal and external stakeholders.
Stay abreast of industry developments, practices and trends to remain an authoritative SAP Security and GRC expert.
Coach and develop teams, fostering knowledge and skill growth.
Identify and manage business development opportunities.
Qualifications
6+ years of experience in an SAP Security and GRC lead role.
Bachelor’s or master’s degree in computer science, information security, information management systems or related field.
Hands‑on experience designing, building, testing and deploying application security across SAP S/4, FIORI, ECC, ARIBA, HCM and SuccessFactors.
Experience with SAP HANA DB security (preferred).
Strong SAP GRC Access Control implementation experience (v12.0 or newer) and integration knowledge of IAM tools (Saviynt, SailPoint, SAP IAG, etc.).
Experience designing reviews for Segregation of Duties and Critical Actions, emergency management and user provisioning.
Knowledge of risk framework/ruleset design to comply with SOD and CA.
Ability to support multiple projects, shifting priorities and changing environments.
Strong project‑management, team‑management and client‑service skills.
Strong analytical, interpersonal and communication skills.
Willingness to travel (~80%). Valid U.S. driver’s license and passport required.
Ideally, You’ll Also Have
Industry-related certifications (CISA, PMP, CIA, RICS) with a requirement to become certified within one year.
SAP Application Security and GRC AC certification.
Knowledge of SAC, BTP, AI and RPA.
Familiarity with SAP audit processes and regulatory/compliance frameworks such as GDPR, JSOX, KSOX.
What We Offer
Competitive compensation and benefits package (base salary ranges $142,600 to $261,500, with higher ranges in major metros) and a Total Rewards package including medical, dental, pension, 401(k) and paid time off.
Hybrid model with 40‑60% in‑person client engagement.
Flexible vacation policy and generous paid holidays, breaks, and leaves.
EY accepts applications for this position on an ongoing basis.
EY is committed to high‑ethical standards and integrity. We provide equal employment opportunities and reasonable accommodation for qualified individuals with disabilities.
#J-18808-Ljbffr
Opportunity Our Risk Technology practice is expanding as client needs grow and SAP is a strategic investment focus area for EY. The role offers strong career progression in a culture built on knowledge, people‑oriented collaboration, and diverse teams.
Your Key Responsibilities
Connect with clients to design and implement processes into SAP ERP, including Application Security, GRC Access Control, and SaaS offerings.
Leverage EY intellectual property and lessons learned to guide implementations and manage organizational change.
Build strong client relationships to address complex risk and security issues.
Skills and Attributes for Success
Experience deploying large‑scale, cross‑functional, globally distributed SAP transformation projects with deep knowledge of Application Security and SAP GRC Access Control.
Design, develop SAP Security solutions across all SAP applications (On‑prem, Cloud, SaaS) meeting regulatory and compliance standards.
Leadership experience managing onshore and offshore teams throughout the project lifecycle.
Participate in SAP audit discussions (internal & external) and resolve governance and compliance issues.
Communicate functional requirements across internal and external stakeholders.
Stay abreast of industry developments, practices and trends to remain an authoritative SAP Security and GRC expert.
Coach and develop teams, fostering knowledge and skill growth.
Identify and manage business development opportunities.
Qualifications
6+ years of experience in an SAP Security and GRC lead role.
Bachelor’s or master’s degree in computer science, information security, information management systems or related field.
Hands‑on experience designing, building, testing and deploying application security across SAP S/4, FIORI, ECC, ARIBA, HCM and SuccessFactors.
Experience with SAP HANA DB security (preferred).
Strong SAP GRC Access Control implementation experience (v12.0 or newer) and integration knowledge of IAM tools (Saviynt, SailPoint, SAP IAG, etc.).
Experience designing reviews for Segregation of Duties and Critical Actions, emergency management and user provisioning.
Knowledge of risk framework/ruleset design to comply with SOD and CA.
Ability to support multiple projects, shifting priorities and changing environments.
Strong project‑management, team‑management and client‑service skills.
Strong analytical, interpersonal and communication skills.
Willingness to travel (~80%). Valid U.S. driver’s license and passport required.
Ideally, You’ll Also Have
Industry-related certifications (CISA, PMP, CIA, RICS) with a requirement to become certified within one year.
SAP Application Security and GRC AC certification.
Knowledge of SAC, BTP, AI and RPA.
Familiarity with SAP audit processes and regulatory/compliance frameworks such as GDPR, JSOX, KSOX.
What We Offer
Competitive compensation and benefits package (base salary ranges $142,600 to $261,500, with higher ranges in major metros) and a Total Rewards package including medical, dental, pension, 401(k) and paid time off.
Hybrid model with 40‑60% in‑person client engagement.
Flexible vacation policy and generous paid holidays, breaks, and leaves.
EY accepts applications for this position on an ongoing basis.
EY is committed to high‑ethical standards and integrity. We provide equal employment opportunities and reasonable accommodation for qualified individuals with disabilities.
#J-18808-Ljbffr