We are looking for an experienced SAP Security, GRC & SOX professional to manage IT controls, compliance, and SAP security governance. The ideal candidate will ensure strong control frameworks, regulatory compliance, and secure SAP access aligned with business and audit needs.
Key Responsibilities
IT General Controls (ITGC):
- User access management (provisioning, de-provisioning, role design)
- Privileged access monitoring
- Change management & transport controls
- Backup & recovery processes
- Batch job monitoring
SOX & Compliance:
- SOX (Sarbanes-Oxley) compliance
- SOC 1 / SOC 2 audits
- ISO 27001 frameworks
- Internal & external compliance validation
SAP Security & GRC:
- SAP role design & authorization management
- SAP GRC Access Control (ARA, ARM, EAM)
- Segregation of Duties (SoD) analysis
Audit & Risk Management:
- Identify control gaps and risks
- Provide remediation recommendations
- Prepare audit reports and documentation
Stakeholder Collaboration:
- Work with IT, SAP teams, and auditors
- Support audit walkthroughs and evidence gathering
Required Skills
- 6+ years in SAP Security, GRC, and SOX
- Strong ITGC and audit knowledge
- Hands-on SAP GRC (ARA, ARM, EAM)
- Experience in SAP ECC / S/4HANA
- Strong analytical & documentation skills
Preferred Qualifications
- S/4HANA experience
- SAP Basis knowledge
- Certifications: CISA / CISM / SAP GRC
- Experience in regulated industries (Pharma/GxP is a plus)
Soft Skills
- Strong communication
- Problem-solving mindset
- Ability to work independently