Specialist, Identity & Access Management - SAP Security
About The Position
The Specialist, Identity & Access Management (IAM) – Audit & Compliance is a subject matter expert responsible for the execution, validation, and continuous improvement of IAM SOX and audit-related controls. This individual contributor role focuses on ensuring the effectiveness, accuracy, and sustainability of access management controls through hands-on execution, second-line validation activities, and direct participation in internal and external audits. The Specialist acts as a trusted authority on assigned controls and processes, providing audit evidence, explaining control design and operation, and supporting risk mitigation initiatives. The role works closely with IAM peers, Governance, Risk & Compliance (GRC), and auditors to ensure compliance with regulatory requirements while strengthening the organization’s overall security posture.
Requirements
- Minimum 5–7 years of experience in Identity & Access Management, IT controls, audit, or compliance-focused roles.
- Demonstrated hands-on experience executing and supporting SOX or IT General Controls (ITGC), preferably in access management.
- Experience working directly with internal and/or external auditors, including evidence preparation and walkthroughs.
- Strong skills in evidence management, documentation quality, and audit traceability.
- Understanding of IAM processes, including user lifecycle management, access provisioning, deprovisioning, and recertification.
- Bachelor’s Degree in Computer Science, Information Systems or equivalent degree or work experience
- Deep understanding of SOX requirements, ITGC frameworks, and audit methodologies for access management controls.
- Ability to assess control design and operating effectiveness.
- Familiarity with IAM tools, enterprise systems, and access governance concepts.
- Fluently bilingual both written and verbal (English, French)
Nice To Haves
- Experience performing quality reviews or independent validation activities is a strong asset.
- Certifications such as CISSP, CISA, CompTIA Security+, CIAM
Responsibilities
- Execute Identity & Access Management SOX controls in accordance with documented procedures and regulatory requirements.
- Own assigned IAM controls, ensuring consistent, accurate, and timely execution throughout the audit cycle.
- Prepare, validate, and maintain audit evidence to support internal and external audits.
- Explain control design, operating effectiveness, and supporting evidence to auditors and stakeholders.
- Identify control weaknesses, execution gaps, or documentation issues and escalate risks appropriately
- Perform independent cross-validation of IAM colleagues’ work to ensure completeness, accuracy, and compliance (second line of defense).
- Support continuous improvement by identifying recurring issues and recommending process or control enhancements.
- Serve as a subject matter expert during audit walkthroughs, testing, and issue remediation discussions.
- Collaborate with GRC, Internal Audit, External Audit, and IAM stakeholders to address audit requests and findings.
- Contribute to management action plans for control deficiencies and support remediation tracking.
- Participate in projects by providing feedback and subject‑matter expertise, and support testing for new application integrations and IAM tool upgrades as required.
- Maintain up-to-date process documentation, control narratives, and evidence standards for assigned IAM controls.
- Contribute to the refinement of IAM compliance procedures, templates, and validation checklists.
- Support knowledge sharing within the IAM team to strengthen audit readiness and control maturity.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
5,001-10,000 employees
