At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
SAP Controls Review (SAP ITGC and SAP ITAC) – Manager
As part of our Technology Risk team, you will be part of the team performing IT Audits (IT General Controls and IT Application Control testing) delivering audit and control review services for various clients across the MENA region. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also involve in identifying potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team.
The opportunity
We’re looking for Managers with expertise in SAP Controls Review to join the group of our IT Audit team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering.
Your key responsibilities
Manage and lead a team of staff and seniors on SAP control review projects, ensuring adherence to project timelines and quality standards. Leading the team members with the SAP related queries, latest updates on relevant applicable standards. Preparing and sharing the proposal & pursuits for SAP engagements. Regular connects with onshore counterparts to ensure the deliverables are meeting expectations & standards, creating opportunities basis skill sets. Perform control testing for both ITAC & ITGC as per the client scope and requirement. Contribute to the Risk Consulting team as a key member and assist with facilitating practice wide training (SAP ITGC/ SAP ITAC /SAP Pre & Post Implementation) curriculum. Work closely with onshore, cross-functional teams and develop strong relationships across the organization, especially with Onsite team. Stay updated with and promote awareness of updated ERP versions & its functionalities, industry best practices. Active team member executing project management/ stakeholders’ management (Client, Assurance, onshore) Provide quality deliverables with value addition on the engagements and is known as SMR across organization.
Skills and attributes for success
Candidate must have minimum 8 – 12 years of experience in SAP IT Audit with knowledge of IT governance practices. Should have completed at least 5-6 Risk & Control engagements covering pre-& post implementation reviews, assessments, control design and testing for SAP ECC and/or S4 HANA landscape. Perform SAP audits, focusing on system integrity and data accuracy. Design and assess SAP S4 controls, identifying gaps and recommending improvements. Familiarity with key business process such as Order To Cash, Procure To Pay, and Record To Report and utilize functional knowledge of key business processes to enhance control frameworks. Experience in reviewing and testing of SAP S4 Hana / SAP ECC IT general controls (ITGC) for key domains such as access management, change management, computer operations, SDLC (System Development Life Cycle) Experience in reviewing and testing SAP S4 Hana / SAP ECC security & configurations such as debugging, client settings, etc. Experience in performing pre & post implementation reviews in SAP S4 Hana / SAP ECC environment and have been through S4 Hana/ ECC lifecycle & performing migration testing. Knowledge and understanding of the T-Code, tables used to extract the data from SAP S4 Hana / SAP ECC with relation to ITGC and ITAC testing. Knowledge and understanding of SAP S4 Hana / SAP ECC user access security architecture (Roles, profiles, Authorization objects) Experience in testing of firefighter controls in SAP S4 Hana / SAP ECC and GRC. Experience in reviewing and testing the Operating System (OS) and Hana Database (DB) controls in SAP S4 Hana / SAP ECC environment. Experience of working with other SAP applications such as GRC, Fiori, BW, BI, Ariba, Concur, Success Factor, VIM, Vistex. Experience in evaluation and testing of sensitive access and SOD (Segregation of Duties) across key business and IT process in SAP S4 Hana / SAP ECC and GRC environment. Experience in SAP GRC access control (AC) & process control (PC), financial compliance management (FCM). Experience in performing the walkthrough (Test of design) directly with the client, Operating Effectiveness and have knowledge of the financial statement’s assertions. Experience in reviewing and interpretation the ABAP codes with relation to the control testing for ITGC’s and ITAC’s in SAP S4 Hana / SAP ECC environment. Experience in reviewing and testing the key reports ensuring the risks (completeness & accuracy) related to IPE’s (Information Produced by Entity) are addressed. Knowledge of SAP S4 Hana / SAP ECC standard functionalities in relation to business and IT controls. Experience in reviewing and testing the key business process configurations (ITAC’s) in SAP S4 Hana / SAP ECC environment. Having strong knowledge of SAP S4 Hana / SAP ECC configurations (e.g., 3-way match, copy controls) is must. Experience in testing of interface controls between multiple systems and middleware controls. Knowledge and understanding of common IT governance, control, and assurance industry frameworks, including COBIT and ISACA best practices 8 – 12 years of experience in SAP IT Application control reviews/audit with knowledge of IT governance practices. Excellent project management, time management, managerial and leadership skills. Proven experience in SAP Risk and Controls projects. Strong SAP Functional & Technical controls understanding of SAP ECC & S4 HANA environments. Ability to communicate complex ideas effectively, both verbally and in writing. Good to have exposure in SAP Basis testing & SAP ITGC testing will be preferable Candidate with professional consulting experience in technology risk management ideally with a Big 4 or similar large consulting firm will be preferred.
Ideally, you’ll also have
A bachelor's or master's degree (B.TECH/B.E/M.TECH/MBA-Finance) SAP S4 Hana / SAP ECC functional modules/ ABAP/ Security Certification (Preferred) CISA certified (Preferred) ISO 27001:2013 certified (Preferred) Any other relevant certification (Preferred) Excellent communication skills with consulting experience preferred A valid passport for travel.
What working at EY offers
At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
Support, coaching and feedback from some of the most engaging colleagues around
Opportunities to develop new skills and progress your career
The freedom and flexibility to handle your role in a way that’s right for you
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.