IT Control Monitoring Tester with SAP

• We are looking for an experienced GRC Consultant with a strong background in IT Audits, Internal Controls, and SAP Application Controls Testing.
• The ideal candidate will have hands-on experience in evaluating control design, performing control testing, identifying deficiencies, and supporting remediation activities across SAP environments and relat
• Depth knowledge in doing Audit/Control Testing for SAP applications
• Be part of an international IT GRC team including other control testers
• Carry out tests of IT security controls against Henkel’s control framework which is closely aligned to ISO27000
• Review evidence provided via GRC tool to demonstrate control effectiveness and check for further evidence together with IT and business colleagues in documentation, applications

• Perform Application Controls testing across SAP modules.
• Conduct design effectiveness testing for SAP GRC controls.
• Conduct operating effectiveness testing for SAP GRC controls.
• Perform platform-level controls reviews and assessments.
• Evaluate control performance and identify deficiencies.
• Document test procedures, supporting evidence, observations, and results.
• Ensure audit activities are completed in accordance with established methodologies and standards.

GRC / Compliance Support

• Support Risk and Control Self-Assessments (RCSA) for SAP systems.
• Conduct SAP GRC Access Control reviews and user access assessments.
• Monitor and maintain compliance with ISO 27001 requirements.
• Identify gaps in control design and implementation.
• Recommend remediation plans to address identified risks and control weaknesses.
• Assist in regulatory, compliance, and internal audit initiatives.
• Support continuous improvement of governance, risk, and compliance processes.

Advisory & Stakeholder Management

• Collaborate with business process owners, IT teams, auditors, and other stakeholders.
• Provide guidance on SAP controls, compliance requirements, and risk management practices.
• Communicate audit findings, risks, and recommendations professionally and effectively.
• Facilitate discussions to address control gaps and remediation activities.
• Strengthen the organization's control environment through cross-functional collaboration.
• Support management in implementing effective risk mitigation strategies.

• Prepare audit reports, risk assessments, and compliance documentation.
• Maintain detailed records of testing activities, findings, and evidence.
• Track remediation activities and follow up on action items until closure.
• Develop and update Standard Operating Procedures (SOPs).
• Contribute to the enhancement of control libraries, risk registers, and compliance frameworks.
• Prepare management reports and dashboards highlighting key risks and remediation status.
• Ensure documentation is complete, accurate, and aligned with audit and compliance requirements.

• Exp: 8 to 12 years

• 5+ years in IT Audit, Internal Controls, or Compliance.
• Experience with SAP Basis / SAP ECC / S4HANA.
• Strong understanding of ITGC, Application Controls, SAP Security.
• Knowledge of audit tools like ServiceNow GRC, SAP GRC.
• Strong analytical and communication skills.

• CISA, ISO27001, CRISC, CISM
• SAP Security, SAP GRC certifications