Provide governance and oversight of SAP (ECC/S/4HANA) and AX security architecture, challenging designs, identifying risks, and ensuring remediation; co-drive design with architecture teams where needed.
Govern roles, authorizations, and SOD compliance, including oversight of access reviews, sensitive access, and risk remediation; influence role design where required and lead license optimization.
Own SOX ITGC controls for SAP and AX (primarily access management), with defined involvement in Change and Operations, collaborating with respective teams to ensure ERP compliance.
Liaise with auditors, support audit cycles, and drive timely remediation of findings.
Govern GRC tools and enforce security and compliance policies; monitor risk exposure and ensure remediation actions are implemented.
Monitor risk exposure, report key metrics, and strengthen control frameworks and processes.
Define and maintain SOD rulesets aligned with business processes, including mitigation and compensating controls.
Drive continuous improvement and process optimization initiatives Security Architecture, Design and Build reviews.
Participate in SOX/SOD audit activities.
Ensure consistency of processes and procedures across SAP/AX Competency Centre.
Requirements
Bachelor’s / Master’s degree or equivalent experience in Computer Science, IT or related subject preferred.
SAP Security Certifications (Optional).
ITIL Qualifications.
At least 10 years of IT experience, with 8+ years in SAP in ERP Security / GRC / Compliance roles.
Significant experience in ERP Security / GRC / Compliance roles, including indirect leadership and management of cross-functional stakeholders in a global environment.
Experience supporting ERP implementations or transformations (e.g., SAP S/4HANA) and working with globally distributed teams across multiple time zones.
Experience managing global ERP environments.
Proven experience handling audits.
In-depth knowledge of SOX ITGC (including Access controls such as SOD and Sensitive Access) and broader compliance requirements.
Overall functional knowledge of SAP and/or AX.
Experienced in governing cross-functional solutions and ability to manage audit processes end-to-end.
Excellent communication and stakeholder management.
Analytical thinking and problem-solving mindset.
High attention to detail and control orientation.
Experience in a regulated industry, GXP Validated, and/or medical device company is preferred.
Strategic mindset with strong business and technical acumen.
Sound understanding of regulatory and security frameworks.
Experience working with geographically distributed virtual teams.
Ability to manage relationships with external service providers and external/internal audit teams.
Tech Stack
ERP
Benefits
Major Medical coverage + Policy exclusions and insurance non-medical limit.
Educational Assistance.
Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.