SAP GRC (Offshore) + Audit + Risk Management

Job Description:

• SAP GRC Implementation & Configuration: Lead or actively participate in the implementation, configuration, and optimization of SAP GRC modules, particularly Risk Management (RM) and Process Control (PC).
• Risk Assessment & Management:
  • Develop and implement the organization's risk management framework within SAP GRC, defining risk appetite, owners, and responsibilities.
  • Identify, assess, and prioritize risks across SAP business processes, including operational, financial, IT, and compliance risks.
  • Design and implement risk mitigation strategies and controls, defining and tracking mitigating controls within the GRC system.
  • Perform qualitative and quantitative risk analyses to understand the likelihood and impact of potential risks.
  • Monitor data in real-time, leveraging automated risk monitoring functionalities.
• Audit Management & Compliance:
  • Collaborate with internal and external audit teams to define audit scope, objectives, and methodologies.
  • Utilize SAP GRC Audit Management capabilities for planning, execution, and documentation of audit activities.
  • Conduct audits and reviews to assess the effectiveness of internal controls, risk management practices, and governance processes, verifying compliance with regulations, policies, and procedures.
  • Provide support during statutory and SOX audits, gathering evidence and preparing documentation required for compliance reporting.
  • Assess the design and operating effectiveness of IT General Controls (ITGCs) and business controls supporting financial processes.
  • Investigate and respond to audit findings, assisting in the development and validation of remediation plans.
  • Ensure compliance with policies, procedures, and IT controls, including the implementation of Automated Control Monitoring (ACM) functionality where applicable.
• Reporting & Analytics: Generate reports and dashboards to provide insights into risk exposure, control effectiveness, and compliance status for management and stakeholders.
• Collaboration & Communication:
  • Work closely with business stakeholders, functional teams, IT security, and auditors to align risk and compliance efforts with business objectives.
  • Provide training and support to business users, GRC owners, approvers, and mitigation reviewers on their responsibilities within the GRC framework.
• Process Improvement: Continually assess and enhance existing GRC processes to support ongoing evolution of the Risk and Control Matrix (RCM) and promote a proactive risk and control culture.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.