IS SME for SAP GRC

• Owns the SAP GRC solution architecture and operations globally, ensuring alignment with enterprise risk frameworks, regulatory compliance, and internal control policies.
• Drives the end-to-end lifecycle management of SAP GRC modules, including Access Control, Process Control, and Risk Management-covering configuration, updates, testing, and ongoing support.
• Defines and continuously improves GRC-related processes, including user access provisioning, Segregation of Duties (SoD) analysis, control automation, and compliance reporting.
• Ensures GRC operations comply with audit, IT security, and compliance requirements, maintaining system integrity, transparency, and traceability across business processes.
• Supports internal and external audits by managing access controls, risk assessments, control documentation, and remediation tracking in the GRC landscape.
• Identifies and mitigates compliance risks, control violations, and access issues through proactive monitoring, policy enforcement, and collaboration with audit and business stakeholders.
• Oversees the implementation and tuning of GRC automation tools and workflows, reducing manual intervention, improving policy enforcement, and enhancing audit readiness.
• Owns the roadmap for SAP GRC capabilities, ensuring alignment with regulatory changes, digital compliance strategies, and ABB's evolving business needs.
• Engages with SAP, third-party providers, internal control teams, and security leads to support incident resolution, regulatory updates, and continuous improvement of GRC capabilities.
• Collaborates with ERP security, compliance, audit, and functional teams to provide secure, scalable, and auditable business processes through SAP GRC solutions.

Qualifications for the role (Mandatory)

• Bachelor's or master's in computer science, Information Systems, or equivalent technical field.
• 10+ years in SAP GRC Environment.
• SAP GRC, Certification
• Preferred Certificate - PMP, ITIL, CISA, CRISC
• Application Managers, Service owners, ERP Managers, Business users.
• This position plays a vital role in aspects like Regulatory Compliance, Risk Mitigation, Internal Control Effectiveness, Business Continuity, Audit Readiness, Policy Enforcement, and Secure Global Operations Enablement

CORE RESPONSIBILITIES:

• Builds IS domain service operation activities in cooperation with IS Service Owners and IS Solution Architects.
• Maps business process demand to existing or new IS services, providing and helping on the new demands and projects in collaboration with IS Service Owners.
• Integrates operation and build activities (DevOps scope) in collaboration with the build team.
• Reviews Service Level Agreements (SLAs) and corresponding service monitoring and controlling metrics to identify rightsizing opportunities.
• Plays an active role in defining new contracts with vendors for the operational activities, service levels, and SLAs.
• Accountable for fulfilling the service requests in the agreed SLAs and collaborating with IS Service Owner to define the domain service catalog.
• Defines (in close collaboration) the level of monitoring, type of monitoring and assures all consumer interaction points lifecycle experience are under control and proper support is provided.
• Contributes to the IS service catalog and sets directions in the areas of service introduction and end-user support.
• Collaborates, defines, optimizes, and reviews incident management, problem management, service requests, and all processes related to domain service delivery and operation.
• Ensures configuration of state changes and thresholds for proactive monitoring.
• Dedicates resources to monitor problem volumes, Root Cause Analysis (RCA) quality, solution timelines, and follows up on potential improvement opportunities.
• Responsible for ensuring service availability and performance are properly monitored at a sufficient level in case of a disaster.
• Records and reports the change of state in case of an event and responds adequately.
• Responsible for creating and keeping up to date the Configuration Management Database (CMDB) and ensuring the availability of the information related to service configuration and the Configuration Items (CI).
• Responsible for the day-to-day execution of IS domain service operation delivery, escalation, and relationship management.
• Responsible for ensuring service restoration (within the agreed SLA), business impact analysis, and prioritization in incident management.
• Supports major incident and critical situation resolution by finding the root cause of incidents (through known errors and root cause analysis), defining workarounds, and following up on fixing root causes (by planning problem resolution and change implementation).
• Undertakes periodic audits to ensure correct user access has been provided to systems.
• Supports the Application Owner and business to understand and document the flow of information through the business processes and IT systems this includes all the stages from the data entering a system to its transformation to a report.
• Supports the business process owners and control owners in validating system-generated reports from a business perspective to ensure that data is complete, reliable, and accurate (Information Produced by Entity (IPE)requirement).
• Ensures Service Desk organization is properly informed and trained to route requests and incidents correctly.
• Executes the IS domain service delivery utilizing the internal IS delivery units, IS Operations team members, and/or external third-party IS service suppliers in a core and flex model, as advised.
• Oversees any process related to third party and internal IS supply for domain service delivery and operation.
• Ensures (in concert with IS business) customers satisfaction with IS services by understanding their strategic and tactical needs, making sure actions are taken to close any gaps, and influences stakeholder perceptions of the relevant IS services, all within the scope of responsibility.

Ensures adherence to corporate IS policies and procedures, and to internal regulations and external legislation that fall within their own area of responsibility.

Executes all actions in IS processes for assigned tasks, according to agreed RACI specification(s).

Ensures that a framework of policies, standards, processes, and practices is in place to guide provision of IT services.

Assures alignment of ABB IS strategy to core, business, and functional strategies.

COLLABORATION / LEADERSHIP

Provides leadership, guidance, or support to temporary work teams, through advising and monitoring task completion without carrying line responsibility.

Builds awareness and competence as applicable within ABB IS.

Engages with business leaders, consumers, and/or customers to understand changes to processes, products, services, software, and hardware to improve efficiencies and add value.

Manages relationships with stakeholders in their own area of responsibility to define solutions and ensure alignment.

Focuses on enabling the stakeholder relationships strategically, tactically, and at the operational level.