Title: Mirai - SAP S4 - Senior Controls Manager
Location: Kingston
Scope: Global
Work Level: WL2C
Reports to: Ritu Nibber, Global Risk & Controls Lead
Role Purpose
The IT S/4HANA SOX Senior Manager is responsible for owning the design, governance, and assurance framework for all SOX-relevant IT controls across SAP S/4HANA and integrated technologies. The role ensures the organisation maintains a strong, compliant, future-fit control environment aligned to global SOX, ICOFR, and internal governance standards. This includes defining and governing automated controls, ITGC requirements, risk-to-control mappings, and audit-ready documentation - without leading day-to-day testing or operational execution.
Key Accountabilities
A. Control Design Authority (S/4HANA & Integrated Systems)
* Lead the design and definition of SOX-relevant IT controls across S/4HANA, cloud platforms, and interfaced systems.
* Ensure controls-by-design principles are embedded into S/4 configuration, workflows, authorisations, integrations, and data architecture.
* Drive alignment of S/4HANA automation with ICOFR, COSO, NIST and internal control frameworks.
* Approve risk-to-control mappings, SAP configuration controls, automated controls coverage, and SoD design principles.
B. IT SOX Governance
* Own the global governance framework for ITGC and automated controls within the S/4HANA landscape.
* Define global policies, standards, RACM templates, control definitions, and evidence expectations.
* Govern the IT control landscape across ERP, identity platforms, privileged access, integrations and cloud environments.
* Provide authoritative guidance to Technology, Cyber Security, Data, Platforms, and Business Process Excellence teams.
C. Assurance & Audit Leadership
* Lead assurance oversight, setting expectations for testing quality, documentation, and evidence completeness.
* Review outcomes of ITGC and automated control assessments - without executing tests - and provide assurance sign-offs.
* Act as the senior point of contact for External Auditors (e.g., KPMG) and Internal Audit on control design, readiness and deficiencies.
* Oversee root‑cause analysis quality and ensure sustainable remediation plans align with design principles.
D. S/4HANA Transformation Governance
* Provide authoritative challenge and guidance to S/4 design teams on controls, workflows and risk coverage.
* Review and approve control implications for S/4HANA deployments, conversions, and new module rollouts (e.g., Central Finance, AATP, EWM).
* Ensure change initiatives consistently apply SOX‑aligned automation and governance requirements.
E. Continuous Improvement & Strategic Advisory
* Shape the long‑term IT control strategy, including automation, analytics‑based monitoring, and rationalised control design.
* Identify structural improvements to the IT control environment and influence senior leadership to adopt future‑fit governance models.
* Sponsor enhancements to documentation quality, global consistency, and standardisation across markets and systems.
F. Stakeholder & Leadership Responsibilities
* Serve as the senior SME for S/4HANA SOX control design across global technology and finance communities.
* Coach managers and analysts on high‑quality control design, governance and assurance principles.
* Foster strong relationships with product owners, platform architects, cyber security, data governance and finance leadership teams.
Skills & Experience
Technical Expertise
* Deep knowledge of SAP S/4HANA security, configuration, workflows, and integration architecture.
* Expertise in SOX, ICOFR, ITGC, COSO, NIST, and automated control design.
* Familiarity with identity and privileged access platforms (Azure AD/Entra ID, GRC AC, CyberArk).
* Experience governing control design in cloud‑hosted SAP landscapes (e.g., Azure).
Professional Background
* 8-12+ years in IT risk, SOX governance, ERP controls architecture or IT audit.
* Prior involvement in S/4HANA or large ERP transformation programs.
* Strong track record in global control governance roles.
Leadership & Soft Skills
* Strong ability to challenge and influence senior technology and finance leaders.
* Clear communicator who can translate complex IT risks into business language.
* Excellent judgement, analytical thinking, and integrity in applying governance standards.
Qualifications
* Degree in Information Systems, Computer Science, Accounting or a related field.
* Professional certifications preferred: CISA, CISSP, ACCA/ACA, SAP Security or equivalent.
Travel & Working Approach
Occasional travel depending on program stage and stakeholder engagements.
Hybrid working in line with local policies.