NFS - Technology Risk Senior Consultant - SAP
Job description
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
Job description
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
EY - Technology Assurance – Senior
As part of our EY - Technology Assurance team you’ll contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team.
The opportunity
We’re looking for candidates at Senior level to join the leadership group of our EY - Technology Assurance Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering.
Your key responsibilities are to
• Manage and lead a team of staff on SAP projects, ensuring adherence to project timelines and quality standards.
• Counselling the team members with SAP related queries and latest updates on relevant applicable standards.
• Participate in IT Risk and Assurance engagements.
• Participate in designing, developing, and implementing SAP solutions to meet business requirements effectively and effectively.
• Work effectively as a team member, sharing responsibility, providing support, maintaining active communication, and updating senior team members on progress.
• Helping in preparation of the audit reports that will be delivered to clients and other parties.
• Develop and maintain productive working relationships with onshore and client personnel.
• Identification and testing of SAP IT security and IT risk (e.g., data systems, network, and applications) across the enterprise.
• Assist with facilitating practice wide training (SAP ITGC/ SAP ITAC /SAP Pre & Post Implementation) curriculum.
• Work closely with onshore, cross-functional teams and develop strong relationships as project senior across the organisation.
• Stay updated with and promote awareness of updated ERP versions & its functionalities, industry best practices.
• Active team member executing project management/ stakeholders’ management (Client, Assurance, onshore)
• Planning and Budgeting preparation and perform analysis of budget vs actuals.
• Provide quality deliverables with value addition on the engagements and is known as SMR across organisation.
Skills and attributes for success
• Experience in reviewing and testing of SAP S4 Hana / SAP ECC IT general controls (ITGC) for key domains such as access management, change management, computer operations, SDLC (System Development Life Cycle)
• Experience in reviewing and testing SAP S4 Hana / SAP ECC security & configurations such as debugging, client settings, etc.
• Experience in performing pre & post implementation reviews in SAP S4 Hana / SAP ECC environment and have been through S4 Hana/ ECC lifecycle & performing migration testing.
• Knowledge and understanding of the T-Code, tables used to extract the data from SAP S4 Hana / SAP ECC with relation to ITGC and ITAC testing.
• Knowledge and understanding of SAP S4 Hana / SAP ECC user access security architecture (Roles, profiles, Authorisation objects)
• Experience in testing of firefighter controls in SAP S4 Hana / SAP ECC and GRC.
• Experience in reviewing and testing the Operating System (OS) and Hana Database (DB) controls in SAP S4 Hana / SAP ECC environment.
• Experience of working with other SAP applications such as GRC, Fiori, BW, BI, Ariba, Concur, Success Factor, VIM, Vistex.
• Experience in evaluation and testing of sensitive access and SOD (Segregation of Duties) across key business and IT process in SAP S4 Hana / SAP ECC and GRC environment.
• Experience in SAP GRC access control (AC) & process control (PC), financial compliance management (FCM).
• Experience in performing the walkthrough (Test of design) directly with the client, Operating Effectiveness and have knowledge of the financial statement’s assertions.
• Technical experience in SAP Basis and ISO27001 audit
• Knowledge and understanding of the auditing methodology.
• Experience in reviewing and interpretation the ABAP codes with relation to the control testing for ITGC’s and ITAC’s in SAP S4 Hana / SAP ECC environment.
• Experience in reviewing and testing the key reports ensuring the risks (completeness & accuracy) related to IPE’s (Information Produced by Entity) are addressed.
• Experience in preparing or reviewing Systems & Organization Controls (SOC) report.
• Knowledge and experience of industry specific SAP S4 Hana / SAP ECC modules.
• Knowledge of SAP S4 Hana / SAP ECC standard functionalities in relation to business and IT controls.
• Experience in reviewing and testing the key business process configurations (ITAC’s) in SAP S4 Hana / SAP ECC environment. Having strong knowledge of SAP S4 Hana / SAP ECC configurations (e.g., 3-way match, copy controls) is must.
• Experience in testing of interface controls between multiple systems and middleware controls.
• Experience in IT audit in the context of a financial audit & related regulations, auditing standards and guidelines.
• Experience in external client facing role.
• Experience in leading a team.
• Knowledge and understanding of control frameworks such as COSO, internal control principles and related regulations including SOX and J-SOX.
• Knowledge and understanding of common IT governance, control, and assurance industry frameworks, including COBIT and ISACA best practices.
• Knowledge and understanding of third-party attestation standards (particularly SSAE16/18), other reporting and industry specific standards.
To qualify for the role, you must have
• Graduate of Bachelor’s Degree in Computer Science, Information Technology, Engineering, or equivalent courses with at least 3 years of experience.
• SAP S4 Hana / SAP ECC functional modules/ ABAP/ Security Certification (Preferred)
• Amenability to do hybrid work set up (More than 2 days per week) in Mckinley West Taguig
Ideally, you'll also have
• CISA / CRISC certified
• ISO 27001 Lead Implementor/ Auditor certified
• Any other relevant certification
What we look for
• A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment.
• Opportunities to work with EY technology risk practices globally with leading businesses across a range of industries.
What working at EY offers
• At EY, we’re dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are.
• You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career.
• The freedom and flexibility to handle your role in a way that’s right for you.
EY | Building a better working world
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.