SAP Security and control consultant – Robert Half – Hoofddorp


For one of our clients, we are searching for a SAP Security and control consultant (m/f/x) in Hoofddorp with 2 + years’ experience for 4 days per week for minimum 6 months.


This role is essential to support the SAP Security team, especially with multiple team members going on leave. The consultant will assist with data extraction from SAP ECC and GRC for ITGC execution and perform other operational tasks. The role offers on-the-job training, with guidance and support from senior team members.

Key Responsibilities:

Data Extraction and Reporting:

  • Extract data from SAP ECC and SAP GRC systems for IT General Controls (ITGC) execution.
  • Capture and compile data, prepare reports, and distribute them to stakeholders for review.
  • Ensure monthly/quarterly/yearly controls are completed by deadline.
  • Control Execution:

  • Follow templates to check control objectives and completeness.
  • Assist in monthly, quarterly, and yearly execution of controls.
  • Support in documenting control activities and providing detailed explanations to auditors.
  • Operational Support:

  • Participate in the risk analysis and firefighting processes using SAP GRC.
  • Utilize SAP IDM for identity management tasks.
  • Respond to queries from team members and auditors, ensuring all information provided is accurate and comprehensive.
  • Audit Preparation:

  • Assist in preparing for audits by ensuring all controls are documented correctly.
  • Work closely with auditors to explain control processes and provide necessary evidence.
  • Qualifications:

  • Strong understanding of ITGC (IT General Controls) processes and their execution.
  • Ability to document and explain control activities clearly and concisely.
  • Excellent communication skills for interacting with auditors and stakeholders.
  • Detail-oriented with strong analytical and problem-solving skills.
  • Experience in SAP Security and GRC is required.
  • IT Audit experience, preferably with a BIG4 firm, is highly desirable.
  • CISA (Certified Information Systems Auditor) certification is a nice to have but not mandatory.
  • Lees hier meer

    Deel deze vacature: