Role Title: Roles and Authorization Consultant
Location: Remote – travel for workshops in the UK on an ad-hoc basis (1 day a month)
Contract Duration: 6 months
Day Rate: Competitive (Inside IR35)
Deloitte
Working with the Deloitte Associate (Contractor) Programme means we can offer you the opportunity to work on a variation of industry and client related projects. Our aim is to retain the best talent and so when your project end date nears our team of Talent Community Advisors will be working with you to look at alternative projects within the firm that suit your experience should you wish to continue with Deloitte.
The Role
We are seeking an experienced Roles and Authorization Consultant to lead and implement robust security solutions for our SAP landscapes. The ideal candidate will have deep expertise in SAP Security and hands-on experience with SAP tools and methodologies for managing security and compliance across SAP environments. This role will play a crucial part in designing, implementing, and re-design of security roles ensuring secure and compliant systems for our clients. You will demonstrate and develop your capabilities in the following areas:
You will demonstrate and develop your capabilities in the following areas:
* Design and build roles, profiles, and authorizations for On-prem and cloud SAP system (e.g., ECC, S/4HANA, BW to enforce appropriate access controls.
* Configure and implement SAP Identity Access Governance (IAG) and Access Controls (AC) tool for auto provisioning and access risk management.
* Understand the segregation of duties requirements and embed in the security role design
* Work with internal and client stakeholders including like technical, internal/external auditors and business process teams to ensure secure integrated solution.
* Preparation of periodic status reporting where applicable
* Responsible to deliver documentation for security approach, role design matrix, and user guides.
* Prepare training content and support in knowledge transition activity
* Strong understanding of IT Controls for S/4 HANA and other relevant SAP application suite
* Understanding of Risk rulesets & compliance aspects such as “segregation of duties”, sensitive access, mitigation controls
Essential Skills & Experience:
* Deep understanding of SAP authorization concepts, user roles, profiles, and good practices.
* Strong technical skills in SAP ECC, S/4HANA and SAP Fiori, SAP Identity Access Governance (IAG), Access Controls (AC) and cloud applications such as SAP Analytics Cloud (SAC).
* Ability to understand and analyze the segregation of duties report and remediate the risks from the roles.
* Ability to assess risks, conduct root cause analysis, and implement good practice solution for complex security challenges.
* Ability to execute current state assessment for the security level of an existing system and providing solution to identified weaknesses.
* Strong troubleshooting skills and the ability to resolve security issues quickly and efficiently.
* Excellent verbal and written communication skills, with the ability to lead discussions, explain technical details, and collaborate effectively with stakeholders.
* Ability to independently work under intense timelines in a client facing role and maintaining a professional demeanor.
* Proficient in the use of Microsoft Office Excel for analytics and Word, PowerPoint is a plus.
* Must hold UK Government Security Clearance.
Desirable Skills & Experience:
* Educated to degree level. Additional Professional certification such as SAP Certified Technology Professional, SAP Access Control 12.0, CISSP, CISM, or other relevant security certifications.
* Qualify the criteria of UK Security clearance.
* Strong understanding of Business process Controls for S/4 HANA and other relevant SAP application suite
* Knowledge & application of regulatory requirements such as SoX, GDPR etc.
IR35
As a means of managing tax, commercial and reputational risks, Deloitte prohibits the use of Associates through Personal Service Companies (‘PSCs’). All Associates must contract under PAYE arrangements through a Deloitte approved ‘Employment Company’ (aka ‘umbrella company.’)