GloPros
Website:
glopros.com
Job details:
Apply directly on our website SAP Security ITGC Controller
We are looking for 3 - 5 years experienced SAP Security Control Executor responsible for performing, documenting, and maintaining day‑to‑day IT General Controls (ITGC) and access controls within the SAP Security team. The role ensures that SAP environments (ECC/S/4HANA/Fiori) operate securely, and that controls required for SOX/J-Sox, internal audit, and compliance frameworks are executed accurately and on time.
Key Responsibilities
Execute SAP Security Controls (Periodic & Ongoing):
- Perform user access reviews (UAR) for SAP systems, including verifying role appropriateness and access relevance.
- Execute Segregation of Duties (SoD) monitoring and follow up on remediation actions.
- Run and document sensitive access reviews (e.g., SAP_ALL, BASIS roles, fire-fighter users).
- Conduct recertification of privileged accounts and technical users.
Provisioning & Access Management Controls:
- Validate and document user provisioning approvals, including joiner/mover/leaver controls. Ensure access changes follow defined workflows and maintain evidence per policy.
- Perform periodic identity and role cleanups (deactivation, removal of dormant accounts).
Change Management Controls (SAP Security Related):
- Execute controls related to SAP security transports: Verify proper approvals Validate SoD between developer and approver Check emergency transport logs when relevant Maintain documentation for each control execution and retain audit evidence.
Monitoring & Logging Controls:
- Run audit log checks, review SM20 logs, and follow up on any suspicious events.
- Monitor Firefighter (EAM) usage logs in SAP GRC and document required evidence.
- Trace and review failed login attempts, role changes, or access anomalies.
Support for Compliance & Audit Activities
- Prepare and submit evidence for internal/external audits.
- Assist in remediation activities by coordinating with SAP Security, Basis, and functional teams.
Coordination & Continuous Improvement
- Ensure clear communication with control owners, security architects, compliance teams, and business stakeholders.
- Identify opportunities to streamline and automate manual controls. Support the development and enhancement of security SOPs and runbooks.
Required Skills & Qualifications:
- 3–5 years of hands‑on experience in SAP Security operations. Strong understanding of SAP authorization concepts (roles, profiles, SU53, PFCG).
- Working knowledge of: SAP ECC or S/4HANA SAP Fiori access concepts Basic SAP GRC Access Control (ARA, EAM, ARM) is desirable Experience performing ITGC/Access controls such as: User Access Review Sensitive Access Review Segregation of Duties checks Firefighter log reviews Transport approvals validation Ability to follow structured compliance processes (SOX/J-Sox, ISO, internal audit). Detail-oriented with strong documentation skills.
Preferred (Nice to Have): Exposure to SAP audit processes. Familiarity with SAP GRC risk analysis and firefighter workflow. Experience working with audit teams or compliance functions. Analytical skills for identifying control gaps or anomalies in access patterns.
Soft Skills: Strong attention to detail and process discipline. Clear and professional communication skills. Ability to work independently with minimal supervision. Proactive mindset towards strengthening SAP security posture. Team-oriented and comfortable collaborating with IT, business, and audit.
Apply directly on our website SAP Security ITGC Controller
Click on Apply to know more.