SAP GRC Access Control Administrator- Software Engineer III

About The Position

Requirements

• Bachelor's Degree and six to ten years of experience or equivalent education and software engineering training or experience.
• In-depth knowledge in information systems and ability to identify, apply, and implement best practices.
• Understanding of key business processes and competitive strategies related to the IT function.
• Ability to plan and manage projects and solve complex problems by applying best practices.
• Ability to provide direction and mentor less experienced teammates.
• Ability to interpret and convey complex, difficult, or sensitive information.

Nice To Haves

• Master's degree or MBA and ten years of experience or an equivalent combination of education and work experience.
• Five years of experience in GRC Access Control administration and SAP Security.
• Hands-on experience with SAP GRC Access Control 12 modules (ARA, ARM, BRM, EAM).
• Strong knowledge of SAP Security concepts, role design, and user administration, including experience with S/4HANA, BTP Security, and Cloud Identity Services.
• Understanding of compliance frameworks such as SOX, GDPR, or ISO 27001.
• Excellent analytical, troubleshooting, and problem-solving skills.
• Banking or financial services experience.
• Familiarity with other SAP GRC modules (Process Control, Risk Management).
• Experience with Active Directory integration for authentication and provisioning (On-Premise and EntraID (Azure AD)).

Responsibilities

• Administer SAP user provisioning and de-provisioning workflows, and access requests using GRC Access Control (ARM).
• Ensure proper segregation of duties (SoD).
• Manage privileged access assignments and monitor usage logs (EAM).
• Work with functional and technical teams to design, maintain, and test SAP roles.
• Support periodic role clean-up, redesign, and optimization activities.
• Perform risk analysis for new and existing roles to identify potential SoD conflicts.
• Lead the execution of regular SoD and critical access reviews using GRC Access Risk Analysis (ARA).
• Support internal and external audits by providing evidence of access controls.
• Assist in remediation and mitigation strategies for identified access risks.
• Lead efforts related to designing, planning, enhancing, and testing identity management technologies used in the SAP landscape.
• Ensure GRC system connectivity with SAP landscape is functioning as expected.
• Support configuration and ongoing maintenance of SAP GRC Access Control modules.
• Collaborate with BASIS and security teams to troubleshoot and resolve access related issues.
• Contribute to the enforcement of enterprise cybersecurity standards, policies, and procedures in the SAP landscape.
• Recommend improvements to access control processes, automation, and reporting.
• Responsible for technical support of information security technologies providing expert problem analysis and resolution in a timely manner.

Benefits

• Medical, dental, vision, life insurance, disability, accidental death and dismemberment.
• Tax-preferred savings accounts.
• 401k plan.
• No less than 10 days of vacation during the first year of employment.
• 10 sick days.
• Paid holidays.
• Defined benefit pension plan, restricted stock units, and/or a deferred compensation plan may be available.