SAP Security Controls & GRC Manager

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, culture and talent experience and our ability to be compelling to our clients. You'll find an environment that inspires and empowers you to thrive both personally and professionally. There's no one like you and that's why there's nowhere like RSM.SAP ERP, Risk and Automation Services (ERAS) Consulting practice, assists with various consulting, internal, and external audit clients by bringing in-depth ERP, data analytics, and continuity skills where needed. Our ERAS practice is a group of highly specialized, multi-disciplined individuals with experience in multiple regulations and standards including accounting, government, and data privacy to meet the needs of our clients in the upper mid-market. The ERP risk team is typically engaged in complex, non-transactional, at times leading edge engagements that include but are not limited to, ERP implementation risk assessments, security and controls design on ERP implementations, or security and controls improvements for clients operating on large ERPs like SAP, Oracle, or Dynamics, segregation of duties assessments, and key report testing.We desire a confident individual who is able to both think strategically about risk and control management, while also being task oriented and capable of meeting the tight deadlines that often come with implementation-related work. We are seeking an individual looking for career growth in a fast-paced environment, with accelerated leadership opportunities. A rewarding work-life balance is possible with this role, as most of our national engagements are remote.Responsibilities Include:Provide subject-matter expertise in designing and testing SAP automated application controlsIdentify optimal SAP functional configuration options for control automationLead testing of SAP application control design and effectiveness; validate test scripts and review resultsAct as SME for SAP application controls in external audits (e.g. financial, SOX, regulatory)Lead teams in assessing application control design during SAP implementationsIdentify automation opportunities through stakeholder interviews and control documentation reviewConduct research on SAP configuration settings and propose innovative solutionsSupport SAP transformation projects: process modeling, controls, governance, testing, and data migrationAssist in business development by leveraging SAP and business process knowledgeCommunicate findings and recommendations clearly to clientsAssist in SAP Segregation of Duties and Sensitive Access ruleset assessmentModel RSM's core values: caring, curious, collaborative, courageous, and critical thinkingManage, mentor, and motivate multidisciplinary teams to deliver high-quality client solutionsHandle multiple client projects while contributing to internal initiatives (talent, practice, business development)Stay informed on industry trends and communicate leading risk management practicesManage a diverse portfolio of client work, ensuring profitability and risk managementMentor future firm leaders and support their professional developmentProactively pursue personal development in industry, technical, and leadership areasBuild a strong personal brand and network to drive growth for the risk advisory practiceScope, plan, and lead engagements; manage budgets and project deliveryPosition Requirements:Deep understanding of business processes and controls in SAP (various versions)Minimum 5 years of SAP experienceERP implementation experience; functional SAP background is a plusPreferred secondary ERP experience in the field of security and controlsBroad industry experienc

Created: 2026-01-12