Manager, Enterprise System Management - SAP GRC
The Client: A BIG time player within the real estate industry. This company has developed a mall in every major city in China, and many more all around Singapore.
- Manage the creation and maintenance of business roles to ensure accurate translation of Key Position Types to Master Roles in SAP GRC as well as timely updates to system access to meet changes to statutory requirements
- Manage the Access Risk through Segregation of Duty (SoD) Ruleset and ensure that any changes in the satellite systems are not moved into Production before completing SoD analysis on the changes.
- Manage the Emergency Access Management (EAM) module to ensure any access in Production are made through the EAM module using authorized Firefighters IDs and the list of Critical Transaction Codes are updated whenever new SAP modules are implemented.
- Support the Risk and Governance Secretariat, ensuring that the SoD framework is upheld and strictly adhered to always.
- Conduct trainings to advise business owners in their SAP system access review on how to sieve out any unauthorized access from the review, and users on how to use the Access Request Management (ARM) module.
- Update the Segregation of Duty (SoD) Ruleset and Mitigation Controls once the Risk and Governance Committee approves any changes requested by business.
- Prepare timely and accurate reports and analysis for reporting to Management, and for Audit review.
- Support the Change Control Board Secretariat, ensuring that all Change Requests to the SAP landscape have been assessed for impact on business operations, existing system resources and maintainability.
- Bachelor's degree in IT or related discipline.
- Strong working experience in SAP Security.
- Hands on experience in SAP GRC Access Control.
- Experience in managing and working with auditors on system audits.
- Good interpersonal and communication skills to work effectively with consultants and colleagues from varied levels, functions and geography.
- Preferably bilingual in English and Mandarin to liaise with both local and overseas counterparts.
- Experience in implementation of Governance Risk & Compliance modules using MSMP workflows, and strong conceptual understanding of Governance & Risks are an advantage.
- Experience in Access Violation Management tool is an advantage.
Please send your resume in WORD format by clicking the apply button below or contact Ronald Cheung on +65 6701 1521 for a confidential discussion. Please note that only short-listed candidates will be contacted.CEI Reg. Number R2090722 (Cheung Ronald).