Director - Trusted ERP, Technology Risk & Cyber

About the Team

KPMG’s Technology Risk & Cyber practice helps organisations build trust, resilience and confidence in their most critical technology platforms. Within this capability, Trusted ERP is a specialist area focused on ensuring enterprise ERP systems — particularly SAP — are secure, compliant, auditable and well-controlled once implemented.

Trusted ERP works alongside large ERP transformations, providing deep ERP risk and controls expertise to ensure systems operate safely and securely in live environments. This role is distinct from programme assurance or implementation delivery and sits squarely within technology risk, control assurance and ERP integrity.

Your Opportunity

As a Director – Trusted ERP, you will lead and grow a highly specialised ERP risk and controls capability, focussing predominately on SAP. Your focus will be on assessing and designing controls within ERP environments, helping clients ensure their ERP platforms are secure, compliant, and fit for purpose post-implementation.

You will work closely with ERP delivery teams, client stakeholders and senior leaders, providing independent risk and control insight across ERP landscapes. This is a critical role supporting ERP transformations, while remaining clearly focused on delivered risk (i.e. risk in the live ERP systems), not project or programme delivery risk.

Why KPMG

At KPMG, you’ll be part of a nationally connected, future-focused team working at the intersection of ERP, risk and trust. We offer flexible working, meaningful client impact, and the opportunity to shape a niche and growing capability within the firm.

Key Responsibilities

In this role, you will:

• Lead the design, assessment and assurance of ERP risk and control frameworks within ERP environments
• Evaluate ERP authorisations, access models, role design and segregation of duties to ensure appropriate control and compliance
• Assess delivered risk in ERP systems pre and post-implementation, including security, auditability and control effectiveness
• Provide trusted advice to clients on embedding sustainable ERP controls during and after implementation
• Partner with ERP implementation teams to ensure control considerations are embedded without taking delivery ownership
• Lead and contribute to ERP risk and control reviews, remediation initiatives and assurance engagements
• Build and mentor capability within the Trusted ERP team
• Support business development through thought leadership, client conversations and proposal contributions

Experience: To be successful in this role, you will bring:

• Deep, hands-on experience with ERP risk and controls, gained through ERP security, GRC, technology risk, IT audit or ERP assurance roles
• Strong understanding of ERP authorisations, access controls, role design and control frameworks
• Proven experience assessing risk in ERP environments, rather than programme or delivery risk
• Background in technology risk, IT controls, ERP assurance or related disciplines
• Exposure to ERP transformations, with the ability to engage credibly with ERP delivery and architecture teams
• Strong professional judgement, with confidence to challenge and advise senior stakeholders
• Excellent written and verbal communication skills, with experience producing clear, practical insights