SOD & Financial Controls Senior Analyst

Overview

We are looking for a motivated professional for supporting the Segregation of Duties (SoD) governance using SAP GRC Access Control and ensuring that SAP S/4

HANA projects meet financial controls requirements. This role combines technical knowledge in SAP security and GRC with proactive involvement in SAP S/4

HANA implementations, upgrades, and enhancements of applications to guarantee compliance with SOX and internal control frameworks.

• Segregation of Duties (SoD) Governance (70%)
• Collaborate with IT teams to maintain SAP GRC Access Control:
  Ensure appropriate rulesets updates, risk matrices, and SoD policies for SAP ECC and SAP S/4
  
  HANA.
• Access Risk Analysis:
  Run SoD violation reports in GRC, analyze conflicts while also considering impacts of other applications in the ecosystem, and coordinate remediation or identification of compensating controls.
• Role Design & Compliance:
  Collaborate with SAP functional and security teams to design compliant roles.
• Audit Support:
  Prepare SAP GRC reports and narratives for internal/external audits; lead walkthroughs and respond to findings.
• Change Impact Assessment:
  Evaluate SoD implications of new roles, transports, and system changes before go-live.
• Lead the SoD process improvement and maintain the documentation.

• IT Applications Project:
  Financial Controls Readiness (30%)
• Lead Control Assessment in SAP Projects:
  Review project scope and design for financial control impacts (e.g., procure-to-pay, order-to-cash, record-to-report).
• Ensure readiness of checklists:
  Develop and execute financial control readiness checklists during project lifecycle.
• Pre-Go-Live Assurance:
  Validate that SAP GRC and related controls are implemented before deployment.
• Testing & Documentation:
  Support UAT with financial control test cases; maintain evidence for SOX compliance.
• Stakeholder Coordination:
  Work with project managers, auditors, and business owners to ensure timely control signoffs.

• Bachelor’s degree in information systems, Accounting/Finance, or related field.
• Certifications:
  
  SAP Security/GRC, CISA, CRISC (an asset).
• 5+ years of practical experience with SAP GRC, SoD governance, and financial controls.
• Strong knowledge of SAP ECC and SAP S/4
  
  HANA security concepts (roles, authorizations, Fiori apps).
• Hands-on experience with SAP GRC modules (Access Control: ARA and ARM).
• Familiarity with SOX compliance and internal control frameworks.
• Experience in financial controls in the context of a software implementation.
• Knowledge of audit processes and evidence preparation.

• Interpersonal Skills
• Agile and strong desire to learn—you take a proactive approach to personal and professional development
• Team spirit—you enjoy collaborating and value collective success
• Integrity, respect, and transparency
• Ability to meet deadlines while proactively communicating potential obstacles or delays

• Annual bonus based on the company’s financial results
• Generous paid time away
• Pension plan
• Collective saving opportunities
• Industry leading healthcare fully paid by BRP

Montreal, Quebec, Canada