2,942 Sap Grc jobs in the United States

Job Description:

DXC Technology (NYSE: DXC) helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private, and hybrid clouds. The world's largest companies and public sector organizations trust DXC to deploy services across the Enterprise Technology Stack to drive new performance levels, competitiveness, and customer experience. Learn more about how we deliver excellence for our customers and colleagues at DXC.com.

Location: Remote with up to 50% travel to client location. Candidates located within 25 miles of a DXC office will be required to work onsite 2-3 times per week.

Job Summary: We are seeking an experienced SAP GRC Security Subject Matter Expert (SME) to lead and support the design, implementation, and governance of SAP security and compliance solutions. The ideal candidate will have deep expertise in SAP GRC Access Control, SAP Security architecture, and risk management practices, ensuring secure and compliant SAP environments across the enterprise.

Key Responsibilities:

• Serve as the SME for SAP GRC Access Control (AC), Process Control (PC), and Risk Management (RM) modules.

• Design and implement SAP security roles and authorizations across SAP ECC, S/4HANA, BW, Fiori, and other SAP systems.

• Lead GRC Access Control implementations including ARA (Access Risk Analysis), ARM (Access Request Management), BRM (Business Role Management), and EAM (Emergency Access Management).

• Conduct risk analysis and remediation of SoD (Segregation of Duties) conflicts and critical access.

• Collaborate with audit, compliance, and internal control teams to ensure adherence to regulatory requirements (e.g., SOX, GDPR).

• Perform periodic access reviews, user access certifications, and security audits.

• Provide guidance on SAP security best practices and governance frameworks.

• Support SAP upgrades, patching, and project initiatives from a security and compliance perspective.

• Train and mentor junior security analysts and business users on GRC tools and processes.

Required Qualifications:

• Bachelor's degree in information technology, Computer Science, or related field.

• 7+ years of experience in SAP Security and GRC.

• Strong hands-on experience with SAP GRC Access Control 10.x/12.x.

• In-depth knowledge of SAP authorization concepts, role design, and user provisioning.

• Experience with SAP S/4HANA security and Fiori launchpad roles.

• Familiarity with regulatory compliance frameworks (SOX, GDPR, etc.).

• Excellent analytical, communication, and documentation skills.

Preferred Qualifications:

• SAP GRC or SAP Security certification.

• Experience with SAP IDM (Identity Management) or SAP Cloud Identity Services.

• Exposure to SAP HANA database security.

• Knowledge of IT General Controls (ITGC) and audit processes.

• Soft Skills:

• Strong problem-solving and critical thinking abilities.

• Ability to work independently and in cross-functional teams.

• Excellent stakeholder management and communication skills.

Work Environment:

• It is expected, at this time, you may be required as part of the job function to travel up to 50%.

• Candidates located within 25 miles of a DXC office will be required to work onsite 2-3 times per week.

• Must be legally authorized to work in the US without requiring sponsorship now or in the future.

Please note: Many of our clients are in a controlled goods program environment and must comply with the International Traffic in Arms Regulations (ITAR), which mandates that all applicants be U.S. Persons.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We're committed to fostering an inclusive environment where everyone can thrive.

If you are an applicant from the United States, Guam, or Puerto Rico

DXC Technology Company (DXC) is an Equal Opportunity employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, pregnancy, veteran status, genetic information, citizenship status, or any other basis prohibited by law. View postings below .

We participate in E-Verify. In addition to the posters already identified, DXC provides access to prospective employees for the Federal Minimum Wage Poster, Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters . To access the postings in the link below, select your state to view all applicable federal, state and locality postings. Postings are available in English, and in Spanish, where required. View postings below.

Postings link (

Disability Accommodations

If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email ( ) .

Please note: DXC will respond only to requests for accommodations due to a disability.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here .

Job Functions & Responsibilities • Participate in SAP GRC project, enhancement and support and other relevant assignments (as needed) and provisioning across various ERP application environments following the organizational guideline and procedure and perform the below activities- • Configure and maintain SAP GRC tools, including Access Control, Risk Management, and Process Control and IAG • Provision and manage user accounts and access to SAP systems, ensuring that all access is granted in accordance with established policies. • Design, configure, and maintain roles, authorizations, and user access within S/4HANA, ensuring appropriate access levels for users. • Generate reports and conduct audits to monitor SAP security & ITGC controls and ensure compliance including SOD management and configuration • Investigate and resolve GRC-related issues, providing timely support to users and other IT teams. • Maintain comprehensive documentation of security policies, procedures, and role 3 designs. • Work with cross-functional teams, including IT, business users, and auditors, to ensure alignment of security requirements and best practices

Skills SAP ERP(S/4 Hana is added plus), Workday, Active Directory group, GRC AC 10.1 and above, Microsoft Azure, success factor, applicable functional knowledge for SAP security in the area like Finance, MM, ISU billing etc., SAP audit & compliance

& Certifications • Bachelor's degree in engineering, IT, or related field. • 7-10 years of hands on industry experience in SAP GRC AC and PC implementation and administration • Familiarity with SAP S/4HANA system landscapes, including Fiori authorizations in cloud-based environment (SAP RISE) • Proficiency in using SAP security tools and configurations. • Ability to identify, analyze, and resolve complex security and compliance issues. • Strong interpersonal and communication skills, with the ability to effectively collaborate with diverse teams.

• Detailed understanding of the SAP authorization concept in one or more of the following areas: ECC, SAP S/4 HANA, HCM, CRM, SRM, BW, BI, BPC, SAP HANA
• Experience of designing, building and implementing SAP security and authorization solutions
• Exposure to various system user interfaces (UI), including SAP but also other relevant SaaS products
• Detailed understanding of SAP GRC suite of applications, with a demonstrable specialism in core modules contained within (ideally v12 onward)
• Experience of IDM solutions, either SAP's IDM solution, or non-SAP, such as SailPoint or Saviynt would be of advantage.
• Experience of third-party solutions to secure SAP estates also an advantage
• Experience of SAP Fiori catalogs, groups, pages and spaces
• Experience of SAP IAG solutions would be an advantage, both IAS and IPS

• Task management of large / complex implementations, especially in Application security or enterprise risk/identity projects
• Implementation of GRC technology and supporting modules
• Work with clients to understand "why" they're in need of such solutions, define requirements and configure solutions to best fit those needs
• Perform controls and configuration reviews involving relevant application systems and processes
• Advise clients on controls in their enterprise systems relating to regulatory or legislative compliance
• Review and advise on security redesign and remediation projects
• Provide a broader range of information risk management solutions to clients as required
• Build relationships with new clients and maintain good relations with our existing client base
• Integrate solutions into wider cybersecurity controls estates

• The ability to troubleshoot and diagnose problems / issues and provide prompt, robust resolution
• An enquiring mind to discover "why" clients need to introduce the controlling measures.
• The ability to manage projects within varied client engagements and lead reviews and implementations
• Knowledge of corporate business processes and their control points
• Good understanding of various IT regulations and standards, including: Sarbanes Oxley, COBIT, ISO series & the GDPR
• Bachelor's degree
• Professional certification (e.g. CISA, M.Inst.ISP, CISSP, ISO)
• SAP certification (Security, GRC)
• Consulting background
• Strong written and verbal communication skills
• Integration experience
• Ability to act as an SME to install, design, engineer and configure security solutions to meet client needs
• Ability to effectively manage own time and priorities effectively and to work both as part of a team and individually.
• Able to communicate technical and functional requirements to both the business and IT

• Project manage large / complex SAP Security implementations, especially for S/4 HANA projects
• Implementation of GRC Access Controls and supporting modules
• Work with clients to understand requirements and configure solutions to best fit those needs
• Perform controls and configuration reviews involving SAP systems
• Advise clients on controls in SAP relating to regulatory or legislative compliance
• Review and advise on SAP security redesign and remediation projects
• Provide a broader range of information risk management solutions to clients as required
• Build relationships with new clients and maintain good relations with our existing client base
• Integrate solutions into wider cybersecurity controls estates

SAP GRC

Minneapolis, MN

JD:

5-8 years of experience in SAP GRC Access Control or SAP Authorization Management or SAP Cybersecurity.

At least 1 year working with SAP Cloud IAG & SAP BTP Cloud Identity Services or ETD or non-SAP security tools.

Experience in 2-3 security implementations for hybrid SAP landscapes.

Exposure to responding to RFPs/RFIs.

Full life cycle implementation cycle with blueprinting, GRC ACCESS CONTROL and go live experience

Should have technical knowledge and hands on experience on customization for GRC workflows, BRF+ ARA, ARM, BRM and EAM

Experience on SOX Controls.
•Work with the technical teams to complete the SAP for Resolving the technical issues related to GRC.

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.

• Engagement management including project planning, status reporting, reviewing client deliverables, budget management and forecasting, and complying with all company quality standards.
• Contributing to the execution of the Risk Consulting strategy and growth plan by building, developing and managing teams to meet the strategic goals at the local, regional, and national levels.
• Furthering our brand and market presence by serving as a visible spokesperson and thought leader at industry conferences and other professional events.
• Growing client relationships in the mid-market tier. This includes strengthening relationships within existing accounts, as well as developing new leadership-level relationships at potentially new accounts.
• Proactively driving the continued maturation and industrialization of our current SAP ERP Security methodology, associated work programs, accelerators, and testing procedures.
• Promoting cross-competency growth by identifying opportunities to integrate add-on services both within and outside of Risk Consulting.
• Developing our people through technical training and career advising. Also includes working with recruiting to identify and screen external talent in the marketplace, hire, and onboard.
• Integrating the strategy and adopting the core values of the firm.

• Deep technical exposure in the SAP suite of applications including exposure to security design, testing, implementation and support.
• Technical knowledge of controls monitoring/auditing tools such as SAP GRC, GRC Control Panel, ERP Maestro, FastPath, etc.
• Minimum of 8 years of professional experience in public accounting or relevant compliance industry experience.
• Experience engineering and presenting new business development opportunities for SAP security design, GRC implementations and SAP security managed services.
• Experience with at least 5 full SAP security implementations
• Understanding of SOX, COBIT, COSO and other controls framework
• Experience working with clients in multiple industry's
• Experience training others on ERP controls and security knowledge
• Additional experience with multiple other ERPs such as Oracle Cloud, NetSuite a plus.
• Experience with risk and controls for S/4 HANA and HANA database/platform preferred
• Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments
• Must exhibit excellent communication, interpersonal, and team collaboration skills.
• Travel throughout the region is expected, up to 25% travel

• The successful candidate will have a strong sense of leadership and a high level of energy
• A self-starter with a practice building mentality who is hands on, results-oriented and leads by example
• Highly respected team leader and people developer with an ability to inspire others to follow
• Exceptional professionalism that commands the respect of colleagues
• A strong entrepreneurial spirit with the highest levels of professional and personal honestly, integrity and ethics

• Detailed understanding of the SAP authorization concept in one or more of the following areas: ECC, SAP S/4 HANA, HCM, CRM, SRM, BW, BI, BPC, SAP HANA
• Experience of designing, building and implementing SAP security and authorization solutions
• Exposure to various system user interfaces (UI), including SAP but also other relevant SaaS products
• Detailed understanding of SAP GRC suite of applications, with a demonstrable specialism in core modules contained within
• Experience of IDM solutions, either SAP's IDM solution, or non-SAP, such as Sailpoint or Saviynt would be of advantage.
• Experience of third-party solutions to secure SAP estates also an advantage

• Task management of large / complex implementations, especially in Application security or enterprise risk/identity projects
• Implementation of GRC technology and supporting modules
• Work with clients to understand "why" they're in need of such solutions, define requirements and configure solutions to best fit those needs
• Perform controls and configuration reviews involving relevant application systems and processes
• Advise clients on controls in their enterprise systems relating to regulatory or legislative compliance
• Review and advise on security redesign and remediation projects
• Provide a broader range of information risk management solutions to clients as required
• Build relationships with new clients and maintain good relations with our existing client base
• Integrate solutions into wider cybersecurity controls estates

• The ability to troubleshoot and diagnose problems / issues and provide prompt, robust resolution
• An enquiring mind to discover "why" clients need to introduce the controlling measures.
• The ability to manage projects within varied client engagements and lead reviews and implementations
• Knowledge of corporate business processes and their control points
• Good understanding of various IT regulations and standards, including: Sarbanes Oxley, COBIT, ISO series & the GDPR
• Bachelor's degree
• Professional certification (e.g. CISA, M.Inst.ISP, CISSP, ISO)
• SAP certification (Security, GRC)
• Consulting background
• Strong written and verbal communication skills
• Integration experience
• Ability to act as an SME to install, design, engineer and configure security solutions to meet client needs
• Ability to effectively manage own time and priorities effectively and to work both as part of a team and individually.

• Project manage large / complex SAP Security implementations, especially for S/4 HANA projects
• Implementation of GRC Access Controls and supporting modules
• Work with clients to understand requirements and configure solutions to best fit those needs
• Perform controls and configuration reviews involving SAP systems
• Advise clients on controls in SAP relating to regulatory or legislative compliance
• Review and advise on SAP security redesign and remediation projects
• Provide a broader range of information risk management solutions to clients as required
• Build relationships with new clients and maintain good relations with our existing client base
• Integrate solutions into wider cybersecurity controls estates