Security and GRC Lead at Sofia Sanjuan | Colombia Jobs Expertini

Job Overview

Company

Sofia Sanjuan

Location

Colombia

Ready to Apply?

Take the Next Step in Your Career

Join Sofia Sanjuan and advance your career in Gestión informática y gestión de proyectos informáticos

Apply for This Position

Click the button above to apply on our website

Job Description

At Adecco Tech we are looking for a Security and GRC Lead with a minimum of 7 years of experience in SAP Security and GRC, including S/4HANA, SAP BTP, Ariba, IBP, and SAC, in addition to having command of the conversational and written English language.

ONLY COLOMBIA

Role Summary

The Security and GRC Lead will provide expert-level oversight and hands‑on management of Security and Governance, Risk, and Compliance (GRC) for Incyte’s SAP application landscape.

This includes S/4HANA Private Cloud on RISE, SAP BTP (Integration Suite & ABAP Cloud Development), SAP Ariba, SAP IBP, and SAP SAC.

The contractor will ensure robust security controls, effective risk management, and strict compliance with SOX and ITGC requirements.

Key Responsibilities

Security & GRC Operations

Lead and execute SAP security architecture design, implementation, and ongoing maintenance across all SAP platforms.
Maintain and update SAP GRC rulesets for sensitive access and segregation of duties (SoD) risks, including risk identification, mitigation, and documentation.
Conduct periodic user access reviews with business role owners; ensure access rights are appropriate, and changes are implemented as needed.
Manage user access provisioning and de‑provisioning, ensuring all requests are approved via GRC workflow.
Enforce authentication parameters, password policies, and single sign‑on (SSO) integration with Active Directory.
Ensure prompt disabling/locking of terminated employee and contractor access.

Compliance & Controls

Ensure adherence to SOX and ITGC controls, including those listed in the client’s control matrix (see attached spreadsheet for reference).
Conduct semi‑annual and annual reviews of user access and role collections; document and implement required changes.
Review administrative user access quarterly and act on necessary changes within required timelines.
Oversee security audit logging and table logging for financially significant processes.
Manage Firefighter ID requests and assignments, ensuring proper routing, approval, and expiration of access.
Establish and maintain system recovery strategies and disaster recovery plans (DRP); coordinate annual DRP tests and document results.
Monitor critical interfaces and batch jobs for errors; ensure error handling and periodic review of failed/incomplete jobs.
Review backup reports for anomalies and ensure incident tickets are created and resolved as needed.

Policy & Process Development

Develop and maintain IT computer operations policies and standard operating procedures (SOPs); review and update annually.
Ensure all policies and procedures are available to IT employees and reflect current operating requirements.

Required Skills & Experience

Bachelor’s degree in Information Technology, Computer Science, or related field (advanced degree preferred).
7+ years of hands‑on experience in SAP Security and GRC, including S/4HANA, SAP BTP, Ariba, IBP, and SAC.
Proven expertise in SAP GRC ruleset management, SoD risk analysis, and mitigation strategies.
Strong knowledge of SOX, ITGC, and audit requirements for SAP environments.
Experience with SAP user access provisioning, workflow approvals, and role management.
Familiarity with SAP security audit logging, table logging, and Firefighter ID management.
Demonstrated ability to develop and implement IT policies, SOPs, and disaster recovery plans.
Excellent communication and stakeholder management skills.
Flexibility to work weekends for planned security patching and maintenance activities.

Preferred Qualifications

SAP certification(s) in Security, GRC, or related modules.
Experience with SAP BTP Integration Suite and ABAP Cloud Development.
Prior experience in a regulated (SOX‑compliant) environment.
Strong analytical and problem‑solving skills.
Maintain and update SAP GRC ruleset and SoD matrix.
Complete periodic user access reviews and role collection audits.
Ensure compliance with all SOX and ITGC controls listed in the attached spreadsheet.
Provide documentation for all reviews, changes, and incident responses.
Develop and update IT policies and SOPs as required.

Submission Requirements

Resume highlighting relevant SAP Security and GRC experience.
Brief summary of SOX/ITGC compliance projects/work delivered.
Availability and hourly/daily rate.

Note: The role requires strict adherence to the SOX and ITGC controls listed in the attached spreadsheet, including access management, backup and recovery, audit logging, and policy development.

Salary: Salary above Integral Minum in COP

Type of contract: Indefinite term

Benefits such as:

Life insurance
Customized Welcome Kit
Educational discounts (technical, professional and language)
Financial alliances (credits and allowances)

Seniority level

Mid‑Senior level

Employment type

Full‑time

Job function

Other, Information Technology, and Management
Industries: Temporary Help Services

Get notified about new Security Lead jobs in Colombia .

#J-18808-Ljbffr

About Sofia Sanjuan

Quick Access Links

Job Details:
https://co.expertini.com/jobs/job/security-and-grc-lead-colombia-sofia-sanjuan-355-3229122/

Company Jobs:
More Sofia Sanjuan Jobs

Location Jobs:
Jobs in Colombia

Category Jobs:
Gestión informática y gestión de proyectos informáticos Jobs

Don't Miss This Opportunity!

Sofia Sanjuan is actively hiring for this Security and GRC Lead position

Apply Now

Security and GRC Lead