Business Analyst – GRC & Security
About the Role
We are looking for a Business Analyst (GRC & Security) to assist a large SAP transformation project.
In this role, you will support the design of SAP roles and you will also spend up to 50% of your time supporting the Security workstream, helping to ensure the SAP platform is secure and audit-ready for go-live.
This role offers the chance to shape processes, strengthen compliance, and work closely with technical teams, business stakeholders, and programme leadership.
Key Responsibilities
1. SAP Roles & Authorisations – Support role design, conduct authorisation testing, and document access requirements.
2. GRC Framework – Assist with GRC tool configuration, compliance reporting, and collection of audit evidence.
3. SoD Analysis – Review and analyse Segregation of Duties conflicts, propose remediation, and support business alignment.
4. UAT & Documentation – Support User Acceptance Testing, prepare process documentation, and deliver training materials for end users.
5. Security Workstream – Contribute up to 50% of time reviewing security testing outputs, tracking remediation actions, and preparing status reports for leadership.
About You
6. Experience as a Business Analyst within ERP, SAP and GRC projects.
7. Knowledge of SAP roles, authorisations, and SoD principles is highly desirable.
8. Strong analytical skills with the ability to document requirements and processes clearly.
9. Exposure to audit, compliance or IT security practices.
10. Excellent communication skills with the ability to work across technical and business teams.
11. Organised, detail-oriented, and comfortable working in a fast-paced programme environment.