SAP GRC, Security Business Analyst My Client is seeking a business analyst with a strong background in SAP transformations to join the team and assist with GRC and Security Key Responsibilities Support SAP Role Design and Security Architecture: Contribute to the design, development, and optimisation of SAP roles and authorisations in line with business requirements and security best practices.
Collaborate with functional and technical teams to ensure appropriate segregation of duties (SoD) and least-privilege access principles are embedded in the role design.
Authorisation Testing and Validation: Plan and execute end-to-end authorisation testing to validate access controls, including positive/negative testing scenarios, role mapping, and impact assessments.
Coordinate with business process owners to resolve defects and ensure secure and compliant access provisioning.
GRC Tool Configuration and Maintenance: Assist with the configuration, deployment, and ongoing support of SAP GRC Access Control modules (e.g., Access Request Management, Access Risk Analysis).
Ensure the GRC solution aligns with governance policies and enables efficient access risk management and compliance reporting.
Requirements Gathering and Documentation: Elicit, analyse, and document business requirements related to access management, compliance, and reporting needs.
Translate these into clear functional and technical specifications to support solution design and audit readiness.
SoD Conflict Analysis and Remediation: Conduct comprehensive Segregation of Duties (SoD) and critical access risk analyses, leveraging GRC tools and risk matrices.
Work closely with stakeholders to propose and implement remediation strategies, including role redesign, mitigating controls, or process adjustments.
User Acceptance Testing (UAT) and Audit Support: Coordinate and support UAT activities, including test script preparation, execution tracking, and defect resolution.
Facilitate audit evidence capture by preparing documentation, reports, and supporting artefacts to demonstrate compliance with internal controls and regulatory requirements.
Process Documentation and Training Enablement: Develop and maintain high-quality process documentation, including security design guides, user manuals, and standard operating procedures.
Deliver or support training sessions and knowledge transfer to business users, support teams, and auditors to promote awareness of access governance and compliance processes.
If interested please apply now below for more information Reperio Human Capital acts as an Employment Agency and an Employment Business.
Skills: SAP GRC Security Business Analysis