Job Description:
Responsible for administering and evolving SAP Security and GRC solutions, including access control, role design, user provisioning, segregation of duties, and compliance across SAP S/4HANA and Fiori environments. Partners with business, functional, and technical teams to deliver least-privilege role designs, maintain security standards and policies, integrate GRC with enterprise security tools, and ensure regulatory and privacy compliance while resolving critical security issues.
Location: within Continental US (Fully remote with occasional trips to San Diego area.
Responsibilities:
- Responsible for maintaining business blueprint and design documents that support Security and GRC activities.
- Administer SAP GRC Access Control suite of programs, including user provisioning, segregation of duty management, emergency access, role management and reporting.
- Design, implement, and govern business roles aligned to job functions and business processes, including role lifecycle management, ownership, and periodic review.
- Partner with business and functional stakeholders to translate job responsibilities into compliant, least-privilege SAP role designs.
- Administer GRC User Access Management Process to monitor key business processes.
- Responsible for leading SAP GRC maintenance, user role/account management maturity and evolution.
- Develop InfoSec capabilities while developing and maintaining security standards, policies, procedures and processes while ensuring that company systems are fully compliant with all applicable regulatory requirements and privacy laws.
- Maintain SAP S/4HANA & FIORI Security based solutions.
- Coordinating with various teams for administration of Security and GRC tasks.
- Assist functional and technical team with solving critical issues, as it relates to Security or GRC.
- Assist team in administering heterogenous security tool landscape.
- Integrate SAP security and GRC systems with other security tools and platforms to orchestrate end-to-end security processes and improve interoperability.
Key Qualifications
- 2-5 Years SAP Security and GRC experience.
- Good understanding of the SAP authorization concept and the role-based access control model.
- Ability to set up roles and administer them to users (including derived and composite roles).
- Hands-on experience with Business Role Management in SAP, including job-based role modeling and role lifecycle governance.
- Experience in SAP GRC Access Controls Suite / Process Controls Suite.
- Experience with SAP GRC 12 – including reporting capabilities and S4 HANA.
- SOX Compliance experience, is a plus
- Strong skills in SAP Security Design Configuration and Administration.
- Experience with automation technologies such as scripting languages, APIs, and workflow automation tools.
