Job Purpose and Impact

• The Senior Professional, Governance, Risk & Compliance role is a senior individual contributor responsible for leading IT and ERP risk management, with a strong emphasis on SAP controls, audit, and compliance. The position drives identification, assessment, and mitigation of risks across complex ERP environments, ensuring alignment with regulatory requirements and enterprise risk appetite.

  The ideal candidate brings hands-on SAP audit experience, deep ITGC knowledge, and a consulting mindset (e.g., Big 4) to strengthen control frameworks, influence stakeholders, and elevate audit readiness across the organization.

Key Accountabilities

SAP / ERP Risk & Controls

• Lead risk assessment, design, and evaluation of SAP controls, including access management, SoD, privileged access, and configuration controls
• Partner with SAP functional and technical teams to identify, remediate, and monitor ERP risks across core modules (e.g., FI, MM, SD, HR)
• Oversee implementation and continuous improvement of automated and manual controls within SAP and integrated systems
• Drive SAP-related audit remediation, ensuring sustainable fixes vs. point-in-time responses

IT Audit & Compliance Execution

• Lead and execute IT General Controls (ITGC) and application control testing across enterprise systems
• Act as a key liaison with Internal Audit and external auditors (e.g., Big 4), supporting walkthroughs, testing, and issue resolution
• Translate audit findings into clear, risk-based remediation plans with defined ownership and timelines
• Ensure alignment with SOX, regulatory, and industry compliance requirements

ERP Risk Governance & Oversight

• Maintain and enhance the ERP risk register, with clear linkage to enterprise risk appetite and quantification of exposure
• Establish standardized control frameworks for ERP systems, including consistent control design, documentation, and testing approaches
• Provide oversight and challenge to ensure appropriate design and operating effectiveness of ERP controls

Policy, Standards & Frameworks

Performance & Stakeholder Management

Qualifications

• 6-8+ years of experience in IT audit, risk management, or consulting, with significant exposure to SAP environments
• Strong hands-on experience with:
• SAP security & controls (GRC, SoD, access provisioning)
• ITGCs (access, change management, operations)
• ERP application controls and integrations
• Prior experience in Big 4 or leading consulting firm strongly preferred
• Proven track record managing audit engagements, remediation programs, and regulator/auditor interactions
• Deep understanding of SOX and regulatory compliance frameworks
• Strong ability to translate technical risks into business impact and influence senior stakeholders