Mirai - SAP S4 IT Controls Manager

Title : Mirai - SAP S4 - Senior Controls Manager

Location: Kingston

Scope: Global

Work Level: WL2B

Reports to: Ritu Nibber, Global Risk & Controls Lead

Role Purpose

The IT S/4HANA SOX Senior Manager is responsible for owning the design, governance, and assurance framework for all SOX‑relevant IT controls across SAP S/4HANA and integrated technologies. The role ensures the organisation maintains a strong, compliant, future‑fit control environment aligned to global SOX, ICOFR, and internal governance standards.

This includes defining and governing automated controls, ITGC requirements, risk‑to‑control mappings, and audit‑ready documentation — without leading day‑to‑day testing or operational execution.

KEY ACCOUNTABILITIES

A. Control Design Authority (S/4HANA & Integrated Systems)

• Lead the design and definition of SOX‑relevant IT controls across S/4HANA, cloud platforms, and interfaced systems.
• Ensure controls by design principles are embedded into S/4 configuration, workflows, authorisations, integrations, and data architecture.
• Drive alignment of S/4HANA automation with ICOFR, COSO, NIST and internal control frameworks.
• Approve risk‑to‑control mappings, SAP configuration controls, automated controls coverage, and SoD design principles.

B. IT SOX Governance

• Own the global governance framework for ITGC and automated controls within the S/4HANA landscape.
• Define global policies, standards, RACM templates, control definitions, and evidence expectations.
• Govern the IT control landscape across ERP, identity platforms, privileged access, integrations and cloud environments.
• Provide authoritative guidance to Technology, Cyber Security, Data, Platforms, and Business Process Excellence teams.

C. Assurance & Audit Leadership

• Lead assurance oversight, setting expectations for testing quality, documentation, and evidence completeness.
• Review outcomes of ITGC and automated control assessments — without executing tests — and provide assurance sign‑offs.
• Act as the senior point of contact for External Auditors (e.g., KPMG) and Internal Audit on control design, readiness and deficiencies.
• Oversee root‑cause analysis quality and ensure sustainable remediation plans align with design principles.

D. S/4HANA Transformation Governance

• Provide authoritative challenge and guidance to S/4 design teams on controls, workflows and risk coverage.
• Review and approve control implications for S/4HANA deployments, conversions, and new module rollouts (e.g., Central Finance, AATP, EWM).
• Ensure change initiatives consistently apply SOX‑aligned automation and governance requirements.

E. Continuous Improvement & Strategic Advisory

• Shape the long‑term IT control strategy, including automation, analytics‑based monitoring, and rationalised control design.
• Identify structural improvements to the IT control environment and influence senior leadership to adopt future‑fit governance models.
• Sponsor enhancements to documentation quality, global consistency, and standardisation across markets and systems.

F. Stakeholder & Leadership Responsibilities

• Serve as the senior SME for S/4HANA SOX control design across global technology and finance communities.
• Coach managers and analysts on high‑quality control design, governance and assurance principles.
• Foster strong relationships with product owners, platform architects, cyber security, data governance and finance leadership teams.

Skills & Experience

Technical Expertise

• Deep knowledge of SAP S/4HANA security, configuration, workflows, and integration architecture.
• Expertise in SOX, ICOFR, ITGC, COSO, NIST, and automated control design.
• Familiarity with identity and privileged access platforms (Azure AD/Entra ID, GRC AC, CyberArk).
• Experience governing control design in cloud‑hosted SAP landscapes (e.g., Azure).

Professional Background

• 8–12+ years in IT risk, SOX governance, ERP controls architecture or IT audit.
• Prior involvement in S/4HANA or large ERP transformation programs.
• Strong track record in global control governance roles.

Leadership & Soft Skills

• Strong ability to challenge and influence senior technology and finance leaders.
• Clear communicator who can translate complex IT risks into business language.
• Excellent judgement, analytical thinking, and integrity in applying governance standards.

Qualifications

• Degree in Information Systems, Computer Science, Accounting or a related field.
• Professional certifications preferred: CISA, CISSP, ACCA/ACA, SAP Security or equivalent.

Travel & Working Approach

• Occasional travel depending on program stage and stakeholder engagements.
• Hybrid working in line with local policies.