SAP Controls & GRC Design Senior Consultant

Would you like an opportunity to be part of Deloitte's leading Cyber Risk Services team that assists Fortune 500 companies address pressing and pervasive strategic information and technology risks, such as cyber security, data leakage, identity and access management, data security breaches, operational resilience and system outages, privacy and application integrity? We provide industry-tailored solutions, using demonstrated methodologies and tools in a consistent manner, with the goal of enabling ongoing, secure and reliable operations across the enterprise.

Deloitte & Touche LLP's ("Deloitte & Touche's") Enterprise Risk Services Advisory practice works with clients across all dimensions of risk identification, assessment, quantification, and management. Our experienced professionals utilized risk-based methodologies, approaches and tools to deliver solutions for our clients. Deloitte & Touche's services combine competency and experience in the areas of financial reporting, risk management, cybersecurity, and regulatory compliance.

The Enterprise Application Integrity (EAI) solution group (within the Cyber Risk Services Market Offering) is focused on helping clients design and implement internal controls, application security and privacy to address risks within Enterprise Resource Planning (ERP) implementations/upgrades as well as business transformation projects. Our professionals have experience in one or more of the following:

  • SAP (All products including GRC and HANA)
  • Oracle (including EBS, JDE, and PeopleSoft),
  • Emerging technologies such as Workday,
  • Industry solutions such as the EPIC Clinical Information System (CIS).
  • Professional services to address application level risks both throughout the system development life cycle
  • Post go-live production application managed services (i.e., AMS Security Services).

Position Requirements:

  • Minimum: 3 to 5 years of experience with SAP Security products
  • Minimum: Bachelor's Degree
  • Minimum: 95 to 100 percenttravel

Knowledge Preferred

  • CISA or CISSP Certifications
  • Experience with SAPSecurity authorization concepts across SAP components
  • Experience in configuration of all SAP GRC Access Control modules
  • Knowledge of SAP security design and implementation methodology
  • Strong understanding of Segregation of Duties frameworks
  • Knowledge of SAP business process, user provisioning process, and security maintenance process preferred
  • Excellent writing and verbal communication skills
  • Strong project management and organizational skills

SAP & Oracle Controls /GRC PC Job Duties:

  • Design, implement, and support business process and IT controls in an ERP environment, including new implementations, control redesigns, or assessment of a client's ERP control framework
  • Understand ERP configuration as it relates to the development of automated controls
  • Strong knowledge of key business processes, the inherit risks, as well as potential controls
  • Understand leading practices as it relates to ERP control environments, and provide recommendations to clients on control design and implementation
  • Assess complex governance requirements, including Sarbanes Oxley, and provide clients with leading practice recommendations as it relates to controls in an ERP environment
  • Perform the role of GRC subject matter specialis tincluding the ability to provide in-depth application support to internal/external project team members
  • Understanding of GRC configuration and security concepts and procedures


Requisition code: E17NATESRCHGRC

See Inside the Office of Deloitte

One of the largest professional services organizations in the U.S., Deloitte delivers innovative solutions to the complex business problems facing companies around the world. Deloitte offers rewarding careers in four businesses—audit, tax, consulting, and financial advisory. Widely recognized for its inclusion initiatives, Deloitte is committed to building a workplace environment that allows people from all generations, ethnicities, and cultures to be their authentic selves.

Back to top