Locations: Belfast, Edinburgh, Glasgow, London, Manchester

Overview

The Controls Advisory team supports those accountable for managing an organisation's technology risks and compliance requirements by driving efficiency, effectiveness and modernisation of their control environment to achieve better business outcomes. We focus on increasing our client's confidence in their compliance and control whilst reducing cost and effort. Our team works cross-industry, helping senior client leaders with some of their most important and reputationally impactful challenges.

Connect to your career at Deloitte

Deloitte drives progress. Using our range of expertise, we help our clients become leaders wherever they compete. We invest in outstanding people, build teams of future thinkers with diverse talents and backgrounds, and empower them to reach for and achieve more. Our five shared values guide every decision and action: lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for measurable impact.

Connect to your opportunity

As a Senior Manager, you will lead and oversee SAP Security, Governance, Risk, and Compliance (GRC) and Identity Access management work for a portfolio of diversified clients in different industries. You will lead and collaborate effectively and demonstrate extensive experience with SAP Security architecture and implementation, SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP ERP Transformation engagements. Core responsibilities include:

• Apply problem solving and critical thinking to identify technology and risk implications.
• Assess security requirements and risks for complex ERP environments supporting core business and IT processes.
• Develop and implement a comprehensive SAP security and GRC strategy, policies, and procedures aligned with organisational goals and industry best practice.
• Oversee SAP Security during implementations, ensuring compliance with regulatory requirements and internal security standards.
• Establish and maintain robust access management policies and procedures for user provisioning, de-provisioning, and segregation of duties.
• Lead greenfield implementation projects for SAP Security, GRC and Identity Access Management.
• Collaborate effectively within an inclusive team culture where contributions are recognised.
• Perform security risk assessments against the NIS2 framework.
• Stay updated on emerging security threats and technologies and implement best practices to enhance SAP application security and controls.
• Communicate engagement issues and findings to senior management and client personnel.
• Contribute to strong client relationships through interactions with client personnel, ensuring quality in service delivery.

Connect to your skills and professional experience

You work collaboratively within diverse teams. You connect with team members, share information and ideas, and treat others with respect while contributing to team discussions.

You employ critical thinking to support solving business problems. You analyse problems objectively using relevant standards, data, and perspectives to support solutioning, recognising the role of technology in stakeholder operations.

You respect the needs of colleagues and build cooperative relationships. You embrace diversity and value contributions from colleagues with diverse backgrounds, fostering a team environment.

Candidate attributes

• Strong organisational skills
• Excellent interpersonal skills and ability to work effectively within a global team
• Accountability for keeping performance on track
• Hands-on experience with large SAP implementation programmes
• Strong understanding of authorization concepts for S/4HANA, BW/4HANA, SAP Analytics Cloud, SAP Access Controls, Identity Access Governance, and related cloud applications (e.g., SAP BTP, SuccessFactors, Ariba, Concur)
• Excellent communication and relationship-building skills
• Deep knowledge of SOX compliance, SoD, GDPR, and other regulatory requirements
• Excellent project management skills; able to manage multiple priorities and lead teams
• Ability to explain technical concepts to non-technical stakeholders
• Proficiency in English
• Understanding of how daily work contributes to team and business priorities
• Ability to work under pressure with professionalism
• Experience with GRC tools such as Saviynt, SailPoint, Pathlock, SAP GRC Access Controls (and related provisioning, SoD management, and privilege access management for SAP and non-SAP applications)

The following will be considered an asset:

• Professional certifications such as SAP Certified Technology Professional, SAP Access Control 12.0, CISSP, CISM, or other relevant security certifications
• UK security clearance eligibility

Connect to your business - Technology and Transformation

Distinctive thinking, deep expertise, innovation and collaborative working. That's what connects us. Join us to help solve some of the biggest tech and transformational challenges and make an impact that matters.

Enterprise, Technology and Performance

Our clients aim to maximise value from digital transformation investments in Finance, Supply Chain and IT operations. We take a holistic view of performance improvement, including strategy, process design and technology enablement, to support smooth transformations.

Personal independence

Regulation and controls are standard practice in our industry, and Deloitte is no exception. These controls provide important legal protections for both you and the firm. The recruitment team will provide further details during the process, including information about personal independence constraints.

Hybrid working and commitment

You’ll be based in one of our UK locations with hybrid working. You will have the opportunity to work in your local office, client sites, or remotely, depending on role requirements. Check with your recruiter for specific requirements.

Our commitment to you

Making an impact is central to what we do. click apply for full job details