SAP Security Controls & GRC Manager

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

SAP ERP, Risk and Automation Services (ERAS) Consulting practice, assists with various consulting, internal, and external audit clients by bringing in-depth ERP, data analytics, and continuity skills where needed. Our ERAS practice is a group of highly specialized, multi-disciplined individuals with experience in multiple regulations and standards including accounting, government, and data privacy to meet the needs of our clients in the upper mid-market. The ERP risk team is typically engaged in complex, non-transactional, at times leading edge engagements that include but are not limited to, ERP implementation risk assessments, security and controls design on ERP implementations, or security and controls improvements for clients operating on large ERPs like SAP, Oracle, or Dynamics, segregation of duties assessments, and key report testing.

We desire a confident individual who is able to both think strategically about risk and control management, while also being task oriented and capable of meeting the tight deadlines that often come with implementation-related work. We are seeking an individual looking for career growth in a fast-paced environment, with accelerated leadership opportunities. A rewarding work-life balance is possible with this role, as most of our national engagements are remote.

Responsibilities Include: 

• Provide subject-matter expertise in designing and testing SAP automated application controls
• Identify optimal SAP functional configuration options for control automation
• Lead testing of SAP application control design and effectiveness; validate test scripts and review results
• Act as SME for SAP application controls in external audits (e.g. financial, SOX,  regulatory)
• Lead teams in assessing application control design during SAP implementations
• Identify automation opportunities through stakeholder interviews and control documentation review
• Conduct research on SAP configuration settings and propose innovative solutions
• Support SAP transformation projects: process modeling, controls, governance, testing, and data migration
• Assist in business development by leveraging SAP and business process knowledge
• Communicate findings and recommendations clearly to clients
• Assist in SAP Segregation of Duties and Sensitive Access ruleset assessment
• Model RSM’s core values: caring, curious, collaborative, courageous, and critical thinking
• Manage, mentor, and motivate multidisciplinary teams to deliver high-quality client solutions
• Handle multiple client projects while contributing to internal initiatives (talent, practice, business development)
• Stay informed on industry trends and communicate leading risk management practices
• Manage a diverse portfolio of client work, ensuring profitability and risk management
• Mentor future firm leaders and support their professional development
• Proactively pursue personal development in industry, technical, and leadership areas
• Build a strong personal brand and network to drive growth for the risk advisory practice
• Scope, plan, and lead engagements; manage budgets and project delivery

Position Requirements: 

• Deep understanding of business processes and controls in SAP (various versions)
• Minimum 5 years of SAP experience
• ERP implementation experience; functional SAP background is a plus
• Preferred secondary ERP experience in the field of security and controls
• Broad industry experience or deep expertise in a specific industry is a plus
• Strong executive presence and ability to engage senior client leadership
• Familiarity with SOX, FDA, data privacy, ICFR, and other audit standards
• Bachelor’s or Master’s degree in business, accounting, or related field
• Minimum 5+ years in audit, internal audit, risk management or internal control roles
• Preferred Certifications: CPA, CIA, CISA, CFE or similar
• Willingness to travel as needed
• Basic Understanding of SAP security and GRC (governance, risk and compliance)
• Proven experience managing project financials and delivering within budget
• Strong people management skills: mentoring, feedback, workload balancing
• IT General Controls experience preferred
• Prior consulting experience preferred

Standards of Performance: 

• The successful candidate will have a strong sense of leadership and a high level of energy
• A self-starter with a practice building mentality who is hands on, results-oriented and leads by example 
• Highly respected team leader and people developer with an ability to inspire others to follow
• Exceptional professionalism that commands the respect of colleagues and subordinates 
• A strong entrepreneurial spirit with the highest levels of professional and personal honestly, integrity and ethic

At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits.

All applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender; sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the US uniformed service; US Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable federal, state or local law. 

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please call us at 800-274-3978 or send us an email at careers@rsmus.com.

RSM does not intend to hire entry level candidates who will require sponsorship now OR in the future (i.e. F-1 visa holders). If you are a recent U.S. college / university graduate possessing 1-2 years of progressive and relevant work experience in a same or similar role to the one for which you are applying, excluding internships, you may be eligible for hire as an experienced associate.

RSM will consider for employment qualified applicants with arrest or conviction records. For those living in California or applying to a position in California, please click here for additional information.

At RSM, an employee’s pay at any point in their career is intended to reflect their experiences, performance, and skills for their current role. The salary range (or starting rate for interns and associates) for this role represents numerous factors considered in the hiring decisions including, but not limited to, education, skills, work experience, certifications, location, etc. As such, pay for the successful candidate(s) could fall anywhere within the stated range.