Organisations rely on security as 'table stakes' in today's increasingly technology enabled world. However security is challenging and we see clients facing recurring findings raised by internal/external audit on operation of key access and security controls, adherence to security standards. However, with increases in the scale and importance and complexity of their business models, increasing significance of IT, the profile that effective security risk management has within organisations is increasing.
In addition, we are in the midst of the 4th paradigm shift in enterprise computing - mainframe, client/server, ERP and now Digital. S/4 Hana is driving a wave of change and with many companies seeking competitive advantage from in-memory computing, digital, cloud, machine-learning and robotics, keeping 'in-control' has never been more important. We help clients 'Secure the digital core'.
Deloitte's GRC offers unrivalled depth of experience in providing governance, risk, control and assurance solutions to client needs. We design, implement and provide assurance over business process and security controls to help our clients manage the risks they face on a day-to-day basis, and help them prepare for the future. We do this by addressing current technology issues and by embracing emerging technologies like artificial intelligence and robotics. While we advise on and implement multiple technologies, this role is focused on the SAP domain.
Our GRC team sits within our Technology and Digital Risk operating unit, which is part of Deloitte Risk Advisory, one of the fasting growing practices in Deloitte. In combination with our global leading SAP practice, we can offer unrivalled career growth & learning opportunities. Successful candidates will get the opportunity to help us develop our market offering and the potential to work closely with a huge range of clients. We deliver projects directly to Risk Advisory clients and the security workstream on S/4 implementations alongside Deloitte Consulting.
We are looking for high performing professionals, from industry or professional services, with experience or significant interest in SAP with a specific focus and interest in managing security, risk and controls.
This role is located in our London office. Travel to client sites is required.
This is a permanent role (typical hours are 9.30 - 5.30pm) with a degree of flexibility. We do encourage careful consideration of agile ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients.
Helping clients define good practice security and control processes and develop long term plans for ensuring security compliance
Understanding business requirements and translating them in to efficient and integrated SAP security frameworks , e.g. Design a security baseline and authorisation concept for SAP
Identifying security risks and requirements and designing the relevant automated solutions to help manage/mitigate these risks
Helping clients resolve vulnerabilities through mitigating/compensating controls or process redesign and implementing SAP GRC technology solutions
To have a broader perspective of potential issues encountered when managing diverse teams and the strategies to overcome them; have a clear understanding of the firm's commitment to creating a more inclusive culture
Delivering a wide range of client engagements which could include role design, security process optimisation and automation, GRC Access Control design, implementation and remediation
To build and maintain client relationships in the SAP Insights area
Gaining experience of various SAP technologies and understanding/managing risks associated with these
Developing our SAP Risk Advisory portfolio, by supporting business development, practice management and thought leadership activities
Requirements To qualify for the role of Senior Consultant you must have several of the following areas - it is not expected that a candidate will have all of these skills:
Thorough understanding of the SAP Role Concept including Fiori roles for S/4 Hana
Design 'Segregation of Duties free' roles for ECC and S/4 Hana
Design of Ruleset for SAP GRC Access Controls
Understanding of the configuration of SAP GRC Access Controls and ability to manage offshore teams for build and test
Familiarity with the roles and security concept for other SAP applications like Ariba, SuccessFactors, Concur, BW etc. is an advantage
Familiarity with other SAP GRC partner applications like NextLabs and Greenlight is an advantage
Further Information Deloitte Technology and Digital Risk Our SAP Insights team sits within our Technology Risk function. Our principle work areas in Technology Risk are:
ERP controls (SAP and Oracle)
Digital Risk Management
IT Risk Management
IT Internal Audit
Project Risk Management
Deloitte Risk Advisory Helping make informed and intelligent decisions The world is constantly changing and organisations are having to adapt to respond to new risks and take advantage of new opportunities. For organisations, the challenge is to identify and anticipate risks in the evolving landscape. Knowing which risks are the right ones to take and which ones to avoid is crucial. Deloitte's Risk Advisory practice advises organisations on how to effectively mitigate risk and make informed and intelligent risk decisions around business processes, technology and operations. Where appropriate, our advisory services extend to the design and implementation of revised control frameworks including technology solutions. We also specialise in designing and implementing bespoke solutions for clients that will have a direct impact on their bottom line and generate efficiencies. We pride ourselves in taking an integrated approach, combining specialist insight and innovation across multiple disciplines including analytics, controls and resilience. Our business and industry knowledge helps clients seize the opportunity to better manage their risks across a diverse range of topics be it from finance transformation to internal audit or financial crime to digital risk. Together, we help organisations take an intelligent approach to risk. Link.
Deloitte's SAP Practice Link How can you thrive when nonstop disruption keeps redefining possibilities? You should reimagine more than business processes. You should reimagine everything-relationships, data, markets, the workforce, and more. Deloitte can show you how-and help you deliver results with SAP solutions. Deloitte has earned four global 2018 SAP® Pinnacle Awards, recognising outstanding contributions as an SAP partner. Awards include recognition as:
SAP S/4HANA® Partner of the Year-Large Enterprises
SAP Leonardo Partner of the Year
SAP® Ariba® Partner of the Year-Large Enterprise
SAP® SuccessFactors® Partner of the Year-Large Enterprises
This year marks the third year in a row that Deloitte has earned an SAP Pinnacle Award for its achievements in helping clients deliver value with SAP S/4HANA, the modern digital core ERP. It is also the only partner to have ever received this award. As recipient of the inaugural SAP Pinnacle Award for SAP Leonardo Partner of the Year, Deloitte has invested heavily in helping organisations transform business with the SAP Leonardo digital innovation system. Deloitte, SAP's first SAP Leonardo launch partner, has collaborated extensively with SAP to develop the Deloitte Reimagine Platform - a portfolio of ready-to-deploy use cases based on SAP Leonardo - the GRC use cases are called 'The Cognative Controller'.
You are here: Risk Advisory
We understand our clients' operations, their industry and the issues they face. We understand an audit is not about looking back, but about helping those businesses to plan for a successful future. Together with our team.
Our Practice offers a wide ranging and challenging number of business areas in which to develop your career. These comprise business assurance within our Corporate Groups, Public Sector and Financial Services Audit groups, and advisory specialisms including Treasury Advisory, Risk Analytics and Technology Consulting.
As one of the largest audit practices, joining us will mean working with some of the leading practitioners in the industry, for some of the leading organisations in the world and towards a career goal that is entirely yours to shape.
Our Purpose & Strategy To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent.
How will this role make an impact that matters with Deloitte? You will build on our distinctive combination of specialist skills, pioneering technology, industry expertise and on-going investment to grow our business and continue to improve the market-defining services we offer.
What do we do? Deloitte offers Global integrated professional services that include Audit & Assurance, Risk Advisory, Tax, Consulting and Financial Advisory. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world.
What do we value? At Deloitte we foster a collaborative culture where talented individuals can produce their best work. We value innovative thinking, diverse insights and a genuinely distinctive level of customer service. We value difference, with respect at the heart of our inclusive culture, and we support agile working arrangements. Hear from some of our people already working at Deloitte in agile ways . We are proud to have received a Best for All Stages of Motherhood special award in 2016 as a Top Employer for Working Families . SLRSKA WPFULL
Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 1 New Street Square, London EC4A 3HQ, United Kingdom. Deloitte LLP is the United Kingdom affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients. Please see www.deloitte.com/about to learn more about our global network of member firms.