IS SME for SAP GRC

Your role and responsibilities (Mandatory)

In this role, you will have the opportunity to own and drive SAP Security, Governance, Risk and Compliance (GRC), and Identity & Access Management solution architecture across ABB's SAP landscape, ensuring alignment with enterprise security standards and compliance requirements.

You will be responsible for the design, implementation, governance, and continuous improvement of SAP authorization and access control frameworks across SAP S/4HANA, Fiori, SAP GRC, SAP Cloud Identity Access Governance (IAG), SAP BTP User Access Management (UAM), and SAP Cloud ALM environments.

You will provide expert guidance on security architecture, role design, segregation of duties (SoD), privileged access management, and compliance controls, supporting both project and operational teams in the deployment of new SAP solutions and the enhancement of existing services. You will also collaborate closely with business stakeholders, IT teams, and external partners to ensure secure, compliant, and efficient access management processes across the SAP ecosystem.

The work model for the role is: Hybrid

This role is contributing to the IS Business Function

You will be mainly accountable for:

• Own the GRC Landscape and SAP Security solutions across SAP S/4HANA, SAP Fiori, SAP BTP, SAP Cloud ALM (CALM), and SAP Identity Access Governance (IAG), ensuring compliance with ABB security and audit requirements.
• Lead the design, implementation, and continuous improvement of role-based access control, authorization concepts, and Segregation of Duties (SoD) frameworks across SAP platforms.
• Manage end-to-end SAP authorization processes, including role design, role maintenance, user provisioning, emergency access management, access reviews, and risk remediation.
• Drive SAP GRC & Identity Access Governance (IAG) implementation, enhancements, and operational support, including Access Request Management (ARM), Access Risk Analysis (ARA) and Emergency Access Management (EAM).
• Define and govern security architecture for SAP S/4HANA and SAP Fiori applications.
• Collaborate with business process owners, auditors, compliance teams, and ERP functional teams to identify, assess, and mitigate access and compliance risks.
• Manage SAP BTP & CALM (UAM), including Identity Authentication Services (IAS), Identity Provisioning Services (IPS), role collections, trust configurations, and integration with SAP and non-SAP applications.
• Drive automation initiatives in access governance, provisioning, monitoring, and compliance reporting to improve operational efficiency and audit readiness.
• Define and maintain SAP Security and GRC standards, governance models, and best practices aligned with SAP's strategic roadmap and ABB's digital transformation initiatives.
• Collaborate with SAP, implementation partners, security architects, and managed service providers to deliver secure, scalable, and compliant SAP solutions.

Qualifications for the role (Mandatory)

• Bachelor’s degree in Computer Science, Information Systems, Information Security, or related field.
• 8+ years of hands-on experience in SAP Security and GRC environments.
• Strong experience with SAP S/4HANA Authorization Concepts, Role Design, and User Administration.
• Proven experience in SAP Fiori Security, Catalogs, Groups/Spaces, Business Roles, and Launchpad Authorization Management.
• Hands-on implementation and operational experience with SAP Identity Access Governance (IAG).
• Experience with SAP BTP Security, User Administration, Role Collections, IAS/IPS, and Identity Lifecycle Management.
• Good understanding of SAP Cloud ALM (CALM) and its integration with SAP operations and compliance processes.
• Strong knowledge of Segregation of Duties (SoD), Access Risk Analysis, Critical Access Management, and Audit Compliance requirements.
• Experience supporting internal and external audits in SAP environments.
• SAP GRC Access Control and/or SAP Security Certification preferred.
• Preferred Certifications: SAP Security, SAP GRC, SAP IAG, ITIL.
• Strong stakeholder management skills with experience working across ERP, Compliance, Audit, and Business teams.