SAP Security & IT Compliance Specialist

BRPMontreal, QC
Hybrid

About The Position

The SAP Security & Compliance Specialist is responsible for maintaining the integrity, confidentiality, and availability of BRP’s SAP Security landscape while ensuring continuous compliance with corporate governance and regulatory requirements such as SOX ITGC, NIST CSF, and ISO 27001. This role provides operational and governance support for SAP access management, controls monitoring(SOx), and audit readiness, in close collaboration with the IT Compliance, Internal Audit, and SAP Security teams.

Requirements

  • Bachelor’s degree in Information Technology, Computer Science, or related field.
  • 5+ years of experience in SAP Security, GRC Access Control, or IT Compliance.
  • Demonstrated experience in ITGC/SOX testing and control remediation.
  • Experience working with auditors and GRC functions in a regulated environment.
  • Solid knowledge of SAP authorization concepts, roles, and profiles.
  • Hands-on experience with SAP GRC AC (ARA, ARM, BRM, EAM).
  • Familiarity with S/4HANA, SAP Fiori, and cloud-hosted SAP environments.
  • Knowledge of compliance frameworks: SOX, NIST CSF, COBIT, ISO 27001, and GDPR.
  • Strong understanding of access management, risk analysis, and incident response principles.
  • Analytical mindset and problem-solving skills.
  • Ability to communicate complex technical issues clearly to non-technical stakeholders.
  • Proactive, detail-oriented, and capable of managing multiple priorities.
  • Fluent in English and French.

Responsibilities

  • Manage and maintain SAP user access, roles, and authorizations in alignment with the principle of Least Privilege and Segregation of Duties (SoD).
  • Support the configuration, monitoring, and operation of SAP GRC Access Control (AC) components: ARA, ARM, EAM, BRM.
  • Review and remediate SoD conflicts and critical access risks across SAP environments (ECC, S/4HANA, BW, Fiori).
  • Participate in SAP system audits, ensuring all key security controls are implemented and tested effectively.
  • Execute periodic testing and validation of IT General Controls (ITGCs) in SAP and related systems (e.g., user provisioning, role changes, privileged access, and system configuration).
  • Provide audit evidence, walkthroughs, and documentation to support both internal and external auditors.
  • Identify control gaps, recommend remediation plans, and track corrective actions to closure.
  • Support continuous monitoring of control effectiveness and compliance dashboards in collaboration with GRC teams.
  • Align SAP security practices with global frameworks and standards such as NIST CSF, ISO 27001, and COBIT.
  • Maintain up-to-date documentation for control design, process workflows, and risk assessments.
  • Assist in defining and maintaining SAP Security Policies, Standards, and Guidelines.
  • Contribute to the development and automation of compliance reporting through tools such as Power BI, GRC dashboards, and audit management platforms.
  • Partner with IT, Cybersecurity, and Business Process Owners to ensure that SAP controls are integrated within business processes.
  • Provide advisory support to projects impacting SAP environments (e.g., S/4HANA migrations, system integrations, or cloud deployments).
  • Act as a liaison between InfoSec GRC, Internal Audit, and external auditors.

Benefits

  • Annual bonus based on the company’s financial results
  • Generous paid time away
  • Pension plan
  • Collective saving opportunities
  • Industry leading healthcare fully paid by BRP
  • Flexible work schedule
  • A summer schedule that varies by department and location
  • Holiday season shutdown
  • Educational resources
  • Discount on BRP products
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service