SAP SECURITY, GRC MANAGER

MLF-2511-391 SAP SECURITY, GRC MANAGER BARCELONA

The Security Governance, Risk & Compliance (GRC) Manager is the lead of the GRC area inside the S/4HANA implementation project and is accountable and responsible for designing, implementing, documenting, training and supporting SAP Governance, Risk, and Compliance (GRC) solutions. The roles is also responsible for managing SAP security operations (like troubleshooting, error handling, password resets, OSS messages, user provisioning and terminations and fixing/adjusting SAP Roles, complete process documentation and user guides). The role will work closely with IT, audit and controls, and business stakeholders to ensure regulatory adherence and alignment with enterprise risk management frameworkp>

• Assess the current SAP GRC implementation, identify improvements, create SAP GRC roadmap at the company and lead the implementation of this roadmap.
• Design Segregation of Duties (SoD) policies, identify conflicts, and implement mitigation strategies.
• Perform SoD analysis, remediation, and mitigating control design.
• Develop and maintain GRC documentation, dashboards, and compliance reports for leadership and audit purposes.
• Deliver end-user and key-user training on SAP GRC functionalities.
• Enable continuous monitoring of controls and risks.
• Conduct risk assessments and control testing to strengthen system security and mitigate operational risks.
• Provide expertise and support during internal and external audits.

• Lead business role design and access governance, both, backend and frontend (Fiori).
• Central User Administration (CUA).
• Role Maintenance and Authorization profiles.
• Owner of security and authorization tasks during upgrades, cutover, hypercare, and ongoing compliance operations.
• Handling of all operational day-to-day support activities for security/authorizations including ticket resolution

• Education: Relevant IT-related academic background. Advantage if having SAP GRC Certification, CISA, CISM, CRISC, or similar audit/security certifications.
• Languages: Fluent in English

• Proven experience in SAP GRC implementation and management with minimum 5+ years of experience in a similar role.
• SAP GRC hands-on implementation in transformation projects with expertise in SAP GRC modules, GRC workflow, BRF+, MSMP configuration, with SoD rule set customization and remediation, and SAP Security.
• Strong knowledge of SAP authorization concepts and hands-on experience with security operations, user access reviews, role provisioning, and audit remediation activities.
• Exposure to compliance frameworks and leading practices related to ERP control environments, regulatory standards, and audit compliance requirements.
• Project management skills to carry out the projects in the area.

• Self-organise, solution-oriented, proactive.
• Ability to work in a diverse and distributed team.
• Excellent communication for engaging business, audit, and IT teams.
• Ability to make technological concepts more accessible.

• This role will likely require a 40%-50% commute structure depending on project phases and requirements. Further details will be provided closer towards project commencement.