A career in our Enterprise Technology Risk Solutions practice, within the Risk Services team, will provide you with the opportunity to assist clients to better leverage enterprise technologies to drive a higher return on investment and improve risk management. Using advanced technology, we’re able to focus on establishing the right controls, processes and structures for our clients to ensure that verdicts are based on accurate information and assure that information provided to third parties is accurate, complete, and can be trusted. Our team helps business leaders develop into data driven organizations that adopt a comprehensive evidence based strategy, combined with the execution support to deliver results. You’ll focus on finding value and enabling sustainable information performance by using data, tools, analytics, complex modeling, data visualization, simulation, economics, optimization, information management, business intelligence, and industry expertise. As part of this mission, we are seeking to hire an experienced SAP Security and GRC Consultant to strengthen our Enterprise Technology Risk Solutions practice. This role will focus on designing, implementing, and supporting SAP Security and Governance, Risk, and Compliance solutions across complex SAP landscapes, including S/4HANA. The consultant will work closely with clients to establish robust access controls, mitigate technology and compliance risks, and embed security by design into enterprise systems, enabling trusted, compliant, and data‑driven decision-making.
As a Digital Risk Solutions Senior Associate, unlock your potential and embrace the chance to drive meaningful outcomes that’ll elevate your career. Your role will include, but isn’t limited to:
Provide risk advisory services to clients in key technology areas such as SAP S/4 HANA, BTP Security, IAG, SuccessFactors, Ariba, SAP Governance, Risk and Compliance (GRC), primarily focused on:
Implement end‑to‑end SAP security design, including: Role concept and role naming standards, Authorization object design and access strategy and Fiori catalog, group, and role design
Address any access issues / authorization issues identified during implementation phase.
Perform security assessments on the role design of the client system and provide recommendation or remediations suggestion.
Define, configure, and implement process control and risk management modules of SAP GRC.
Design and develop SAP BTP security (role collection) and integrating IAG with on premise SAP GRC.
Configure and integrate on premise SAP GRC to IAG bridge to cater to hybrid SAP landscape.
Experience supporting audits, access reviews, and control testing is an added asset Ability to balance security, compliance, and business enablement
Ability to balance security, compliance, and business enablement
Clear communication with technical, functional, and business stakeholders
Bring strong leadership and project management skills to engagement teams, working in dynamic and cross-functional teams for large-scale and multi-national engagements
Define, configure, and implement SAP GRC Access Control aligned to the target SAP landscape, including:
Access Request Management (ARM): Design and configure end‑to‑end access request processes, including workflow design, MSMP configuration, BRF plus rules, user access provisioning, and Segregation of Duties (SoD) check stages
Access Risk Analysis (ARA): Configure ARA framework, including risk ruleset design and customization, definition of Segregation of Duties (SoD) frameworks, and development of mitigation strategies
What You'll Bring:
Your skills, knowledge, and experiences are what set you apart. Here's what we look for:
Bachelor’s or Master's degree in Business, Information Technology, Finance, Data Science or Computer Science degree required
Strong hands‑on expertise in SAP S/4HANA Security, Fiori Security, and SAP GRC access control are required
Deep understanding of SAP’s Segregation of Duties (SoD), internal controls, and compliance requirements (e.g., SOX)
Experience and knowledge of controls integration, security design/implementation and GRC integration related to SAP S/4 HANA, SuccessFactors, BTP, workzone, Ariba, SAP GRC process control and risk management modules are an asset.
Completion of relevant certifications (e.g. CISSP, PMP, CRISC, CISM or CISA designation) is an asset
Certifications from SAP (e.g. SAP S/4 HANA, BTP administrator, SuccessFactors, Ariba, SAP Governance, Risk and Compliance (GRC)) is an asset.
Implementation and configuration experience on process control and risk management modules of SAP GRC is highly appreciable.
Relevant experience, including key areas such as Consulting (e.g. SAP S/4HANA implementation, BTP security configuration, IAG implementation, project management, IT consulting, risk consulting, cyber security, etc.), Assurance (internal and/or external audit) or relevant industry roles (e.g. risk management, IT, cyber security, finance and accounting, project management, system implementation)
Business development: getting involved with new opportunities, taking a proactive role in raising awareness of the firm's services and level of commitment to the local market, developing and maturing relationships with internal staff and clients, developing proposals, identifying and pursuing opportunities to increase the practice's penetration in the public and private sector
Provide high performance (e.g. clear vision/target/purpose, open communication, promoting flexibility, collaboration and accountability) to deliver high quality to clients and a rewarding experience to staff. A demonstrated commitment to valuing differences and working alongside diverse people and perspectives
PwC Canada is committed to cultivating an inclusive, hybrid work environment. Exact expectations for your team can be discussed with your interviewer
This position ensures continuity and upholds our standards of excellence following the departure of a valued team member.
The salary range for this position is $65,600 - $109,300. The posted salary range represents the expected hiring range for PwC locations in major city centres. Given our national recruiting approach, ranges may vary for positions in other locations. At PwC Canada, base salary is determined by your skills, experience, qualifications and work location. In addition to base salary, eligible employees may have opportunities to participate in variable incentive pay programs which are designed to reward individual and firm-wide achievements. We are committed to offering competitive compensation and adhere to all relevant pay transparency legislation. During the hiring process, our Talent Acquisition team will provide details about our comprehensive total rewards package.
We’re inspiring and empowering our people to change the world. Powered by the latest technology, you’ll be a part of diverse teams helping public and private clients build trust and deliver sustained outcomes. This meaningful work, and our continuous development environment, will take your career to the next level. We reward your impact, and support your wellbeing, through a competitive compensation package, inclusive benefits and flexibility programs that will help you thrive in work and life. Learn more about our Application Process and Total Rewards Package at: https://jobs-ca.pwc.com/ca/en/life-at-pwc
PwC Canada acknowledges that we work and live across Turtle Island, on the land that is now known as Canada, which are the lands of the ancestral, treaty and unceded territories of the First Nations, Métis and Inuit Peoples. We recognize the systemic racism, colonialism and oppression that Indigenous Peoples have experienced and still go through, and we commit to allyship and solidarity.
We’re committed to providing accommodation throughout the application, interview, and employment process. If you require accommodation to be at your best, please let us know during the application process.
The use of artificial intelligence (AI) in recruiting is just getting started, so we know you have questions about how and why we use it. At certain points during our recruiting process, we rely on AI to improve your experience. This could be during resume review or curating personalized job recommendations, asking you clarifying questions via a chatbot or during our interview scheduling to improve your experience. Our use of AI helps ensure we combat bias by evaluating candidates equally and fairly, without seeing identity information, such as your name, or gender for example). AI also helps us better predict successful hires by reviewing all applicants for a role and the relationship between your skills, experience and likely success at PwC Canada. While AI supports parts of our recruitment process, final hiring decisions always involve human review. For more information about our use and protection of your data, please refer to our Privacy Policy (https://www.pwc.com/ca/en/privacy-policy.html).
