SAP GRC Consultant

Job Description:

We are seeking a Senior GRC Consultant to lead the implementation of our new Governance, Risk, and Compliance (GRC) system. This role is pivotal in establishing a harmonized SAP environment that meets both local and global compliance standards. The ideal candidate will have extensive experience in GRC modules and a strong understanding of industry best practices.

Key Responsibilities:

• Support the end-to-end technical implementation of GRC modules, particularly Access Control, in alignment with project objectives and compliance requirements.

• Work closely with Risk, Governance, Audit, Security, and Business teams to implement GRC capabilities that align with policy and compliance needs.

• Support the design and enforcement of Segregation of Duties (SoD) frameworks and access control policies by translating governance requirements into system configurations.

• Design and build SAP authorization roles based on security best practices and the principle of least privilege.

• Maintain and update the role matrix to ensure accurate mapping of user roles and access rights

• Apply deep functional knowledge of SAP ERP modules and associated SoD risks to ensure role design and control frameworks align with operational, compliance, and audit requirements.

• Collaborate with business process owners and functional teams to understand end-to-end business processes and integrate appropriate GRC controls into SAP operations.

• Design, implement, and maintain emergency/firefighter access controls and configuration of privileged access workflows, logging and post-usage reviews.

• Provide technical support and maintenance for the GRC system, including issue resolution, patching, and configuration updates.

• Support governance and audit teams with required system data, logs, and reports for audits, annual reviews, and compliance checks

• Maintain documentation of GRC configurations, processes, and role designs.

• Stay updated on GRC product updates and industry trends to recommend improvements in configuration, controls, or user experience.

• Leverage emerging AI and data analytics to support risk detection, SoD analysis, and automation of access-related monitoring tasks.

• Support training efforts by providing subject matter input or assistance as needed

Qualifications:

• Minimum of 5 years of hands-on experience in SAP GRC implementations and support.

• Proven track record of leading at least two full-cycle SAP GRC Access Control implementations.

• Proficiency in SAP GRC modules including but not limited Access Control, Process Control and Risk Management

• Strong understanding of SAP security concepts, role design, and user provisioning.

• In-depth functional understanding of SAP ERP modules, including but not limited to Finance, Controlling, Material Management, Sales and Distribution, Production Planning and Human Resources.

• Familiarity with SAP S/4HANA and Fiori applications.

• SAP GRC certification is highly desirable.

• Proficient in English, both written and verbal.

• Strong analytical and problem-solving skills.

• Excellent communication and interpersonal abilities.

• Ability to work independently and collaboratively in a remote environment.

• High attention to detail and commitment to quality.