SAP GRC Access Control Administrator- Software Engineer III

About The Position

Requirements

• Bachelor’s Degree and six to ten years of experience or equivalent education and software engineering training or experience
• In-depth knowledge in information systems and ability to identify, apply, and implement best practices
• Understanding of key business processes and competitive strategies related to the IT function
• Ability to plan and manage projects and solve complex problems by applying best practices
• Ability to provide direction and mentor less experienced teammates.
• Ability to interpret and convey complex, difficult, or sensitive information

Nice To Haves

• Master’s degree or MBA and ten years of experience or an equivalent combination of education and work experience.
• Five years of experience in GRC Access Control administration and SAP Security.
• Hands-on experience with SAP GRC Access Control 12 modules (ARA, ARM, BRM, EAM)
• Strong knowledge of SAP Security concepts, role design, and user administration, including experience with S/4HANA, BTP Security, and Cloud Identity Services.
• Understanding of compliance frameworks such as SOX, GDPR, or ISO 27001.
• Excellent analytical, troubleshooting, and problem-solving skills.
• Banking or financial services experience
• Familiarity with other SAP GRC modules (Process Control, Risk Management)
• Experience with Active Directory integration for authentication and provisioning (On-Premise and EntraID (Azure AD))

Responsibilities

• Administer SAP user provisioning and de-provisioning workflows, and access requests using GRC Access Control (ARM).
• Ensure proper segregation of duties (SoD).
• Manage privileged access assignments and monitor usage logs (EAM).
• Work with functional and technical teams to design, maintain, and test SAP roles.
• Support periodic role clean-up, redesign, and optimization activities.
• Perform risk analysis for new and existing roles to identify potential SoD conflicts.
• Lead the execution of regular SoD and critical access reviews using GRC Access Risk Analysis (ARA).
• Support internal and external audits by providing evidence of access controls.
• Assist in remediation and mitigation strategies for identified access risks.
• Lead efforts related to designing, planning, enhancing, and testing identity management technologies used in the SAP landscape including base-lining current systems, trend analysis, and capacity planning as required for future systems requirements and new technologies.
• Ensure GRC system connectivity with SAP landscape is functioning as expected.
• Support configuration and ongoing maintenance of SAP GRC Access Control modules.
• Collaborate with BASIS and security teams to troubleshoot and resolve access related issues.
• Contribute to the enforcement of enterprise cybersecurity standards, policies, and procedures in the SAP landscape.
• Recommend improvements to access control processes, automation, and reporting.
• Responsible for technical support of information security technologies providing expert problem analysis and resolution in a timely manner

Benefits

• All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position.
• Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
• Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
• Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.