SAP Risk & Compliance Expert

The SAP Risk & Compliance Expert is responsible for leading the implementation and optimization of SAP Risk Management and SAP Process Control solutions to support enterprise governance, operational risk, and regulatory compliance objectives. This role includes managing risk and control frameworks, automating compliance processes, and integrating SAP's risk and control content with core business systems.

The expert will collaborate with audit, internal control, IT, and business process owners to configure risk and control libraries, define business rules, set up control monitoring, and ensure effective documentation and remediation tracking. Experience with the SAP GRC suite (focusing on Risk Management and Process Control), control automation, and reporting is essential.

Responsibilities:

• Lead delivery of SAP Risk Management and Process Control solutions
• Define and configure risk assessment methodologies, scoring models, and mitigation actions
• Build and manage control libraries, organizational hierarchies, and policy assignments
• Set up automated control monitoring using SAP Process Control (CCM)
• Integrate SAP Risk & Compliance with SAP ECC/S/4HANA and GRC Access Control
• Manage compliance workflows for testing, certification, issue management, and remediation
• Align risk management processes with corporate governance and regulatory standards (SOX, GDPR, ISO 27001)
• Develop dashboards, reports, and KPIs for risk visibility and compliance tracking
• Support internal/external audits and provide evidence of control effectiveness
• Conduct training, stakeholder engagement, and knowledge transfer sessions

Mandatory Skills:

• Education & Certifications:

  • Bachelor's degree in Risk Management, Information Systems, Accounting, or related field
  • SAP Certified Application Associate - SAP Risk Management or Process Control preferred
  • Certifications in audit, compliance, or security (e.g., CISA, CRISC, ISO 27001 Lead Auditor) are a strong plus
  • Project Management certification (PMP or equivalent) preferred

• Experience:

  • 4-12 years of experience in risk, compliance, or internal controls management
  • At least 3-5 years implementing SAP Process Control and/or SAP Risk Management
  • Experience with regulatory compliance programs (SOX, GDPR, HIPAA, etc.)
  • Exposure to enterprise control frameworks such as COSO, COBIT, or ISO

• Technical & Functional Skills:

  • Deep knowledge of:
    • SAP Process Control: Control automation, workflow, issue remediation, testing
    • SAP Risk Management: Risk catalogs, scoring, reporting, mitigation tracking
  • Experience integrating with SAP ECC, S/4HANA, GRC Access Control, and BW
  • Understanding of automated controls via configuration tables, change logs, and business rules
  • Familiarity with BRF+ rules, MSMP workflows, and audit trail tracking
  • Ability to work with both functional and technical stakeholders on compliance and system integration

Commitment to Diversity:
The company is committed to fostering an inclusive environment where everyone can thrive. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances.