Lead, SAP Security & Compliance

About The Position

Requirements

• 6+ years of experience in SAP security administration or architecture.
• Strong knowledge of SAP authorization concepts and role design.
• Experience supporting SAP environments in SOX-compliant organizations.
• Experience with Segregation of Duties frameworks.
• Experience with SAP GRC Access Control.
• Experience supporting SAP S/4HANA security.
• Strong collaboration skills across IT, Finance, Internal Audit, and business stakeholders.

Nice To Haves

• Familiarity with identity governance and access management concepts.
• Experience supporting public company audit environments.
• Ability to balance security rigor with operational efficiency.
• Strong documentation and communication skills.

Responsibilities

• Design and maintain SAP authorization architecture including single roles, composite roles, derived roles, and role hierarchies.
• Design and maintain SAP Fiori security architecture, including catalogs, spaces/pages, and role assignments to support secure and scalable access to SAP applications.
• Ensure proper authorization design for SAP Fiori and related services, including OData services and ICF service activation required for secure application access.
• Establish security standards across SAP modules including FI/CO, MM, SD, PP, Plant Maintenance, and Project Systems.
• Ensure SAP security architecture supports MP Materials’ SAP S/4HANA Private Cloud (RISE) environment.
• Provide security guidance for SAP integrations, enhancements, and custom development.
• Provide strategic guidance on SAP security architecture as the company expands its enterprise application landscape.
• Define and maintain the long-term SAP security strategy and roadmap in alignment with enterprise security standards and evolving business requirements.
• Own and maintain the SAP Segregation of Duties (SoD) framework in collaboration with Finance and Internal Audit.
• Identify and remediate access risks and control gaps.
• Support internal and external audit activities related to SAP access governance and security controls.
• Maintain documentation and evidence required to support SOX compliance.
• Partner with Internal Audit to continuously improve the SAP controls framework and ensure readiness for internal and external audit reviews.
• Administer and continuously improve SAP GRC Access Control, including rule set maintenance, access risk analysis, and mitigation control management.
• Establish scalable processes for access requests, approvals, and periodic access certification.
• Manage privileged access governance and SAP GRC Emergency Access Management (EAM) processes.
• Improve automation and governance of SAP access lifecycle management processes
• Drive improvements in access governance processes, including role lifecycle management, access certification, and control monitoring.
• Oversee SAP access lifecycle management, including onboarding, role changes, and offboarding processes.
• Partner with infrastructure and cybersecurity teams to ensure SAP security aligns with enterprise security standards.
• Contribute to enterprise initiatives related to identity governance, authentication, and access management.
• Support integration of SAP environments with enterprise monitoring, logging, and authentication frameworks.
• Assist with security assessments and remediation activities.
• Serve as the SAP security subject matter expert within the SAP Center of Excellence.
• Advise solution architects, developers, and business partners on secure SAP design practices.
• Ensure security considerations are incorporated into SAP implementations, upgrades, and integrations.
• Promote best practices for secure configuration and development within the SAP landscape.
• Act as the primary escalation point for SAP security and access control issues impacting business operations.