ERP Security & GRC Administrator

Reporting to the Director, Cyber Security & IT Compliance, we are seeking a highly skilled and experienced ERP Security & GRC Administrator specializing in ECC (Enterprise Central Component) to join our dynamic team.

The ideal candidate will deeply understand SAP security concepts, policies, and procedures, specifically within the ECC environment.

The ERP Security & GRC Administrator will be responsible for ensuring the confidentiality, integrity, and availability of SAP systems and data through effective security design, implementation, and maintenance.

Key Responsibilities / Accountabilities :

• Develop and implement SAP security strategies, policies, and procedures for ECC systems in alignment with organizational goals and compliance requirements.
• Conduct security assessments, audits, and risk analyses to identify vulnerabilities, gaps, and areas for improvement within ECC landscapes.
• Design, configure, and maintain role-based access controls (RBAC), user provisioning, and authorization management within ECC modules.
• Collaborate with cross-functional teams, including SAP Basis, functional teams, and IT security, to integrate security controls and best practices into ECC implementations and upgrades.
• Monitor, respond to, and resolve security incidents for ECC systems, including analyzing and mitigating security breaches or unauthorized access attempts.
• Stay current with SAP security trends, threats, and vulnerabilities, and proactively recommend and implement security enhancements and patches.
• Provide guidance, training, and support to junior security analysts and SAP administrators on ECC security-related matters.
• Participate in SAP security-related projects, including system migrations, consolidations, and expansions, ensuring ECC security requirements are adequately addressed.
• Collaborate with internal and external auditors to facilitate SAP security audits and compliance assessments, address findings, and implement corrective actions as needed.
• Document security configurations, procedures, and guidelines for ECC systems, maintaining accurate and up-to-date records.
• Willingness to learn how to administer security for Dynamics 365.
• Any other job as assigned by the Director, Cyber Security & IT Compliance.

Qualifications required for the position :

• Post-secondary education in computer science, Information Technology, or a related field is preferred.
• 5+ years of hands-on experience in SAP security administration, focusing on ECC.
• In-depth knowledge of SAP ECC security concepts, including user management, authorization objects, roles, profiles, and segregation of duties (SoD).
• Proficiency in SAP Security tools such as SAP GRC (Governance, Risk, and Compliance) Access Control.
• Experience with SAP ECC implementation, customization, and support projects.
• Excellent analytical, problem-solving, and communication skills.
• Relevant SAP certifications (e.g., SAP Certified Technology Associate - Security with SAP NetWeaver) are a plus.
12 days ago