Apply now »

Job Title:  Design Authority - GRC

Job Number:  22224

We are BAT! A global leader with more than 250 brands in over 200 markets. And we bring together the world’s brightest and best minds.


This SAP GRC Security role will be responsible for the day-to-day support of the SAP GRC (Governance Risk & Compliance) Access Controls / Process Controls landscape connected to multiple satellite landscapes which may include ECC, APO, SRM, PI, BI/BPC (BW/HANA/BOBJ), HR, Redwood, Portal and Solution Manager. The role will also be responsible for the SAP authorisation related matters of the mentioned landscapes.

In addition, this individual will provide technical expertise to the functional and technical user base to ensure information security is compliant with the company’s security policies and segregation of duty (SoD).



  • Provide GRC and authorisation technical advice and support the BAT specified on-going activities.
  • Performs SAP user administration and role/profile assignment.
  • Performs the Role Creation, Modification and performs level 3 Full trouble shooting support for users' authorization failures in all SAP applications and managing the resolution of Security issues and support in integration testing of Roles/Profiles.
  • Understand overall business process, system capability and configuration
  • Performs the Quality Assurance of changes to system
  • Performs impact assessment of potential changes
  • Performs user access control and security administration for selected applications
  • Coordinates and executes agreed business release plans, technical changes and upgrades
  • Coordinates communications around changes
  • Performs the validation UAT as part of the Change Management
  • Uses agreed global, standardised IT Service Management processes e.g. for Service Transition Management, IT Security, Knowledge Management.
  • Ensures effective evaluation of business risks and issues related to operational incidents, potential application changes and internal audit reports. Implement appropriate risk management processes and take appropriate and timely actions.
  • Coordinates and / or performs the execution of SOX controls
  • (Design Authority) Plans and manages own work to deliver agreed objectives and outputs



  • Business Controls Team – main business stakeholder of the GRC team
  • Strategic 3rd Party Vendors – work with 3rd party vendors in achieving organisation’s compliance and BAU delivery objectives
  • Internal and External Auditors – compliance partners for the organisation’s IT compliance
  • SAP CoE – close collaboration to ensure that Business Release deliverables are delivered on time



  • Bachelor of Science degree in Information Systems or Computer Science
  • Must have 3-5 years of SAP Security and Production support experience
  • Skill in GRC implementation and/or Basis would be added advantage
  • Working knowledge of SoD (segregation of duties) analysis, sensitive transactions analysis,
  • Experience with workflow functionality in SAP GRC Access Request Management.
  • Candidate must have strong problem-solving skills, be self-directed and capable of working with minimal supervision.
  • Must have a strong, demonstrated commitment to customer service and be committed to pro-active review of processes and procedures to continually enhance service quality, service delivery and support.
  • Excellent interpersonal and organizational skills with ability to communicate effectively with both technical and non-technical customers.


  • Basic understanding of SAP modules.
  • Knowledge in regulatory controls such as SOX, GDPR, DPA etc.



  • Willing to travel for short periods (up to 2 weeks, infrequently)
  • Flexible with the working hours



We are BAT! A global leader with more than 250 brands in over 200 markets. And we bring together the world’s brightest and best minds.

Job Segment: ERP, Law, Risk Management, Computer Science, Information Systems, Technology, Legal, Finance

Apply now »