SAP Security/GRC administrator

Jelentkezés a cégnél

Cég neve

DXC Technology Magyarország Kft.
Munkavégzés helye

Hibrid • Budapest

Munkaidő, foglalkoztatás jellege
- Alkalmazotti jogviszony
- Általános munkarend
Elvárt technológiák
- SAP SECURITY ACCESS CLOUD SOX GDPR
Elvárások
- Angol középfok
- 5-10 év tapasztalat
- Középiskola

Állás elmentve

A hirdetést eltávolítottuk a mentett állásai közül.

Responsibilities

Design, implementation, and maintenance of SAP security architecture across the entire landscape (S/4HANA, ECC, BTP, Fiori)
Management of user access with adherence to SoD (Segregation of Duties) policies and regulatory requirements (SOX, GDPR, GxP)
Ownership of SAP GRC (Governance, Risk, and Compliance) suite
Design, build, and maintenance of SAP roles (PFCG) using Task-based or Job-based methodologies (Single, Composite, and Derived roles)
Management of Fiori catalogs, groups, and OData service authorizations
Oversight of user provisioning, de-provisioning, and periodic access reviews
Management of security for SAP BTP (sub-accounts, role collections) and cloud-based solutions like SuccessFactors or Ariba
Configuration and maintenance of GRC modules: ARA (Access Risk Analysis), ARM (Access Request Management), EAM (Emergency Access Management / Firefighter), and BRM (Business Role Management)
Identification and remediation of SoD and critical action violations with business process owners to define mitigating controls
Maintenance and updating of the GRC Global Rule Set to reflect current business processes
Lead technical contact for internal and external audits providing evidence, reports, and logs
Regular system audits and security health checks (e.g., monitoring the Security Audit Log, EWA reports)
Monitoring and application of SAP Security Notes (Patching) in collaboration with the Basis team

Requirements

Expert knowledge of FDA 21 CFR Part 11, EU Annex 11, and GAMP 5 guidelines
7+ years in CSV with at least 2 years in leadership or coordination capacity within a regulated industry
Experience validating platforms such as SAP S/4HANA, LIMS, QMS (TrackWise/Veeva), MES, or clinical trial systems
Understanding of validating SaaS/Cloud solutions and managing the shared responsibility model
Uncompromising eye for documentation quality and audit-ready evidence
Ability to apply ICH Q9 principles to scale validation efforts effectively
Ability to negotiate between IT and QA
5+ years of hands-on experience in SAP Security and GRC
Deep knowledge of S/4HANA security and SAP GRC 12.0 (on-premise or cloud)
Experience with HANA DB user management and analytical privileges
Ability to trace complex authorization errors (SU53, ST01) and identify root causes
High degree of discretion with access to sensitive data and God-mode credentials
Zero tolerance for sloppy role design that could lead to audit findings

Nice-to-have

SAP Certified Technology Associate – SAP System Security and Authorizations, SAP Certified Application Associate – SAP GRC Access Control, CISA (Certified Information Systems Auditor)

What we offer

Full time employment
Project location Budapest – Hybrid
Ability to participate in virtual meetings across multiple time zones

Company info

DXC Technology (NYSE: DXC) helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private, and hybrid clouds. The world’s largest companies and public sector organizations trust DXC to deploy services across the Enterprise Technology Stack to drive new performance levels, competitiveness, and customer experience.