GRC Analyst
MercuryFull Time
Mid-level (3 to 4 years), Senior (5 to 8 years)
Candidates must possess at least 5 years of consulting experience, with strong knowledge of Sarbanes-Oxley (SOX), Business Process controls, IT General Controls, and IT governance. A deep understanding of SAP and non-SAP landscapes, including analysis and design/re-design of business processes and IT General Controls, is required. Strong analytical skills, familiarity with audit procedures, and the ability to retrieve, analyze, and report data from various sources are essential. Experience with ERP systems, operating systems, databases, financial applications, Identity and Access Management solutions, and IT Service Management tools is necessary. A CA, CPA, or Master's degree in Computer Science, Information Assurance, or Business, coupled with over 7 years of experience in financial/IT compliance, risk management, IT audit, or IT controls, is required. Prior experience in an audit firm (e.g., Big Four) and certifications like CISA/CISM/CGEIT/CRISC or equivalent qualifications in SOX/US GAAP, COBIT, or ITIL are highly preferred. Experience in global delivery, working with offshore resources, and willingness to travel for projects are also required.
The SAP GRC Consultant will manage Governance, Risk, and Compliance activities across the SAP landscape. This includes analyzing and designing/re-designing business processes and IT General Controls in SAP and non-SAP environments. The role involves supporting audits, providing necessary information and data, and mitigating identified deficiencies and gaps. Consultants will also be responsible for understanding data structures, sources, flow, and integration across various platforms and applications, and staying updated on cloud services and multi-cloud environments. They will utilize various tools for data analysis, reporting, and monitoring, including Identity and Access Management solutions and IT Service Management tools. The consultant will also be responsible for gathering, validating, synthesizing, documenting, and communicating data and information to diverse audiences.
Global consulting & IT services