Deloitte
Working with the Deloitte Associate (Contractor) Programme means we can offer you the opportunity to work on a variation of industry and client related projects. Our aim is to retain the best talent and so when your project end date nears our team of Talent Community Advisors will be working with you to look at alternative projects within the firm that suit your experience should you wish to continue with Deloitte.
About the Project
We are seeking an experienced Senior Manager (with UK Security Clearance) to join our Controls Advisory team. You will lead and oversee a variety of SAP Security, Governance, Risk and Compliance (GRC) and Identity Access management work for a public sector client. You will have extensive experience with SAP Security architecture and end-to-end implementation, SAP GRC solutions (Access Control, Identity Access Governance) and experience of managing teams through complex SAP ERP Transformation engagements. The programme objective is to create a new shared service operation for HR, finance, and procurement, providing services to 3 public sector departments, operating from a single technology platform. Reporting to the Associate Director of Tech and Transformation, you will be hands on and lead a team of 8-10 people in delivering the workstream. You will demonstrate your capabilities in the following areas:
* Apply problem solving and critical thinking to enable the identification of Technology and Risks associated.
* Access the security requirements and risks for complex ERP environment supporting the core business and IT processes.
* Develop and implement a comprehensive SAP security and GRC strategy, policies, and procedure aligned with Organizational goals and industry best practice.
* Oversee SAP Security during implementations, ensuring compliance with regulatory requirements and internal security standards.
* Establish and maintain robust access management policies and procedure for user provisioning, de-provisioning, and segregation of duties.
* Lead greenfield implementation project for SAP Security, GRC and Identity access management.
* Work effectively in diverse team within an inclusive team culture where people are recognized for their contribution.
* Perform security risk assessment against NIS2 framework.
* Stay updated on emerging security threats and technologies and implement best practice to enhance SAP application security and controls.
* Communicate engagement issues and findings to senior management and client personnel.
* Contribution to a strong client relationship ensuring quality in delivering of client service.
Essential Skills & Experience
* Must hold UK Government Security Clearance.
* Hands-on experience on large SAP Implementation programmes.
* Strong understanding of Authorization Concepts for S/4 HANA, BW/4 HANA, SAP Analytics Cloud (SAC), SAP Access Controls, Identity Access Governance (IAG), and Identity Access Management, Business Technology Platform (BTP) and other Cloud applications such SuccessFactors, Ariba, Concur.
* Knowledge of SOX compliance, segregation of duties (SoD), GDPR, and other relevant regulatory requirements.
* Excellent project management skills and strong organizational skills with the ability to lead the delivery, manage multiple priorities, drive deadlines and lead the team effectively.
* Consulting/advisory skills – have excellent communication, collaboration, interpersonal, and presentation skills. Able to present recommendations, ideas or solutions to the client and global stakeholders.
* Strong analytical, problem-solving, and communication skills in explaining technical concepts to non-technical stakeholders.
* Stakeholder Management - Collaborate with the client and project team to understand business requirements and translate them into technical solutions.
Desired Skills & Experience
Professional certification such as SAP Certified Technology Professional, SAP Access Control 12.0, CISSP, CISM, or other relevant security certifications.
Deliverables –
Responsibilities but not limited to;
* High level design - Identity and Access Management
* Workshop planning and execution for Design and Build
* IAG implementation
* S/4 HANA, SAC, BW/4HANA, BTP, ECP Security design, build and implementation
* IAG ruleset design and build and deployed
* Implementation of Position based access provisioning
* SoD/SA remediation
* Coordination with functional and technical workstreams
IR35
As a means of managing tax, commercial and reputational risks, Deloitte prohibits the use of Associates through Personal Service Companies (‘PSCs’). All Associates must contract under PAYE arrangements through a Deloitte approved ‘Employment Company’ (aka ‘umbrella company.’)