Title: Mirai - SAP S4 - Senior Controls Manager
Location: Kingston
Scope: Global
Work Level: WL2B
Reports to: Global Risk & Controls Lead
Role Purpose
The IT S/4HANA SOX Senior Manager is responsible for owning the design, governance, and assurance framework for all SOX-relevant IT controls across SAP S/4HANA and integrated technologies. The role ensures the organisation maintains a strong, compliant, future-fit control environment aligned to global SOX, ICOFR, and internal governance standards.
This includes defining and governing automated controls, ITGC requirements, risk-to-control mappings, and audit-ready documentation — without leading day-to-day testing or operational execution.
Key Accountabilities
A. Control Design Authority (S/4HANA & Integrated Systems)
* Lead the design and definition of SOX-relevant IT controls across S/4HANA, cloud platforms, and interfaced systems.
* Ensure controls-by-design principles are embedded into S/4 configuration, workflows, authorisations, integrations, and data architecture.
* Drive alignment of S/4HANA automation with ICOFR, COSO, NIST and internal control frameworks.
* Approve risk-to-control mappings, SAP configuration controls, automated controls coverage, and SoD design principles.
B. IT SOX Governance
* Own the global governance framework for ITGC and automated controls within the S/4HANA landscape.
* Define global policies, standards, RACM templates, control definitions, and evidence expectations.
* Govern the IT control landscape across ERP, identity platforms, privileged access, integrations and cloud environments.
* Provide authoritative guidance to Technology, Cyber Security, Data, Platforms, and Business Process Excellence teams.
C. Assurance & Audit Leadership
* Lead assurance oversight, setting expectations for testing quality, documentation, and evidence completeness.
* Review outcomes of ITGC and automated control assessments — without executing tests — and provide assurance sign-offs.
* Act as the senior point of contact for External Auditors (e.g., KPMG) and Internal Audit on control design, readiness and deficiencies.
* Oversee root-cause analysis quality and ensure sustainable remediation plans align with design principles.
D. S/4HANA Transformation Governance
* Provide authoritative challenge and guidance to S/4 design teams on controls, workflows and risk coverage.
* Review and approve control implications for S/4HANA deployments, conversions, and new module rollouts (e.g., Central Finance, AATP, EWM).
* Ensure change initiatives consistently apply SOX-aligned automation and governance requirements.
E. Continuous Improvement & Strategic Advisory
* Shape the long-term IT control strategy, including automation, analytics-based monitoring, and rationalised control design.
* Identify structural improvements to the IT control environment and influence senior leadership to adopt future-fit governance models.
* Sponsor enhancements to documentation quality, global consistency, and standardisation across markets and systems.
F. Stakeholder & Leadership Responsibilities
* Serve as the senior SME for S/4HANA SOX control design across global technology and finance communities.
* Coach managers and analysts on high ‑ quality control design, governance and assurance principles.
* Foster strong relationships with product owners, platform architects, cyber security, data governance and finance leadership teams.
Skills & Experience
Technical Expertise
* Deep knowledge of SAP S/4HANA security, configuration, workflows, and integration architecture.
* Expertise in SOX, ICOFR, ITGC, COSO, NIST, and automated control design.
* Familiarity with identity and privileged access platforms (Azure AD/Entra ID, GRC AC, CyberArk).
* Experience governing control design in cloud-hosted SAP landscapes (e.g., Azure).
Professional Background
* 8–12+ years in IT risk, SOX governance, ERP controls architecture or IT audit.
* Prior involvement in S/4HANA or large ERP transformation programs.
* Strong track record in global control governance roles.
Leadership & Soft Skills
* Strong ability to challenge and influence senior technology and finance leaders.
* Clear communicator who can translate complex IT risks into business language.
* Excellent judgement, analytical thinking, and integrity in applying governance standards.
Qualifications
* Degree in Information Systems, Computer Science, Accounting or a related field.
* Professional certifications preferred: CISA, CISSP, ACCA/ACA, SAP Security or equivalent.
Travel & Working Approach
* Occasional travel depending on program stage and stakeholder engagements.
* Hybrid working in line with local policies.