Job Details

Job Title: SAP GRC Access Control Administrator
Location: Raleigh, NC (Hybrid 3x a week Onsite)

JOB DESCRIPTION

• Responsible for developing and supporting SAP GRC Access Control processes across the SAP software stack.
• This role ensures compliance with internal IAM standards, regulatory requirements, and industry best practices by establishing processes for user access provisioning and risk analysis within the SAP GRC system.

ESSENTIAL DUTIES AND RESPONSIBILITIES
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

• dminister SAP user provisioning and de-provisioning workflows and access requests using GRC Access Control (ARM). Ensure proper segregation of duties (SoD). Manage privileged access assignments and monitor usage logs (EAM).
• Work with functional and technical teams to design, maintain, and test SAP roles. Support periodic role clean-up, redesign, and optimization activities. Perform risk analysis for new and existing roles to identify potential SoD conflicts.
• Lead the execution of regular SoD and critical access reviews using GRC Access Risk Analysis (ARA). Support internal and external audits by providing evidence of access controls. Assist in remediation and mitigation strategies for identified access risks.
• Lead efforts related to designing, planning, enhancing, and testing identity management technologies used in the SAP landscape including base-lining current systems, trend analysis, and capacity planning as required for future systems requirements and new technologies.
• Ensure GRC system connectivity with SAP landscape is functioning as expected. Support configuration and ongoing maintenance of SAP GRC Access Control modules. Collaborate with BASIS and security teams to troubleshoot and resolve access related issues.
• Contribute to the enforcement of enterprise cybersecurity standards, policies, and procedures in the SAP landscape. Recommend improvements to access control processes, automation, and reporting.
• Responsible for technical support of information security technologies providing expert problem analysis and resolution in a timely manner

QUALIFICATIONS
REQUIRED QUALIFICATIONS
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

• Bachelor's degree in information technology, Computer Science, or related field. Five years of experience in GRC Access Control administration and SAP Security.
• Hands-on experience with SAP GRC Access Control 12 modules (ARA, ARM, BRM, EAM)
• Strong knowledge of SAP Security concepts, role design, and user administration, including experience with S/4HANA, BTP Security, and Cloud Identity Services.
• Understanding of compliance frameworks such as SOX, GDPR, or ISO 27001.
• Excellent analytical, troubleshooting, and problem-solving skills.
• Strong communications skills and ability to drive work to completion

PREFERRED QUALIFICATIONS:

• Master's degree or MBA and ten years of experience or an equivalent combination of education and work experience
• Banking or financial services experience
• Familiarity with other SAP GRC modules (Process Control, Risk Management)
• Experience with Active Directory integration for authentication and provisioning (On-Premises and EntraID (Azure AD))
• Certification in Information Security Management (e.g. Certified Information Systems Security Professional (CISSP),
• Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Manager (CISM), or related.