SAP GRC
DXC Technology
Date: 1 day ago
City: Riyadh
Contract type: Full time

Job Description
The SAP GRC Expert is responsible for leading the implementation, operation, and optimization of SAP Governance, Risk, and Compliance (GRC) solutions across enterprise environments. The role includes delivery of SAP GRC Access Control (ARA, ARM, BRM, EAM), ensuring effective segregation of duties (SoD), role governance, and secure access provisioning across SAP and non-SAP landscapes.
The manager will work closely with audit, compliance, security, and SAP functional teams to define governance models, resolve access violations, and maintain regulatory compliance. Experience with S/4HANA integration, compliance frameworks (SOX, GDPR), and SAP GRC upgrades is expected.
Key Responsibilities
Education & Certifications:
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.
The SAP GRC Expert is responsible for leading the implementation, operation, and optimization of SAP Governance, Risk, and Compliance (GRC) solutions across enterprise environments. The role includes delivery of SAP GRC Access Control (ARA, ARM, BRM, EAM), ensuring effective segregation of duties (SoD), role governance, and secure access provisioning across SAP and non-SAP landscapes.
The manager will work closely with audit, compliance, security, and SAP functional teams to define governance models, resolve access violations, and maintain regulatory compliance. Experience with S/4HANA integration, compliance frameworks (SOX, GDPR), and SAP GRC upgrades is expected.
Key Responsibilities
- Lead SAP GRC Access Control implementation, configuration, and support
- Define and maintain SoD rules, risk mitigation strategies, and audit workflows
- Manage GRC modules including Access Risk Analysis, Access Request Management, Business Role Management, and Emergency Access Management
- Design and optimize user provisioning workflows, approval stages, and escalation paths
- Collaborate with security and audit teams to align GRC with compliance policies
- Configure integration with SAP systems (ECC, S/4HANA) and Active Directory or Identity Providers
- Define technical roles, business roles, and role derivation strategy
- Support GRC reporting, controls testing, and audit documentation
- Oversee upgrades, performance tuning, and GRC connector configurations
- Deliver training to compliance officers, end users, and security administrators
Education & Certifications:
- Bachelor’s degree in Information Security, Information Systems, or related field
- SAP Certified Application Associate – SAP GRC Access Control
- Additional certifications in risk management, audit, or cybersecurity (e.g., CISA, CISM) are preferred
- Project Management certification (PMP or equivalent) is a plus
- 5–12 years of SAP Security and GRC experience
- At least 2 years in a managerial or GRC leadership role
- Proven record in full-cycle SAP GRC Access Control implementations
- Experience in managing security for SAP ECC, S/4HANA, and cloud connectors
- Involvement in SOX, GDPR, or ISO 27001-related compliance initiatives
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Subject Matter Expert (SME) - Asset & Investment Management
LeadingEdge HR Solutions,
Riyadh
3 hours ago
Subject Matter Expert (SME) - Asset & Investment ManagementLocation: Riyadh, Saudi ArabiaJob SummaryOur client is seeking a a hands-on Asset & Investment Management SME to work closely with various teams in building a digital retail investment platform for a leading KSA-based investment firm. The ideal candidate will have direct experience in operational implementation and a strong background in asset management...

IT Administrator
Qureos,
Riyadh
9 hours ago
Role Descriptionhiring a skilled Administrator to manage our IT infrastructure, support internal teams and clients, and maintain the security and performance of our systems. The ideal candidate will be proactive, technically strong, and capable of managing both network and server environments.Key ResponsibilitiesSet up and manage company networks and serversProvide technical support to internal teams and external clientsManage and maintain call...

Presales Senior Architect I
stc,
Riyadh
10 hours ago
Job PurposeThe purpose of this job family is to deliver advanced technical solutions and customized demonstrations to support the sales process by designing and configuring complex solutions tailored to meet customer needs.Key Responsibilities Assists in managing pre-sales activities and develop solution specification in alignment with sales teams. Assists in managing sales team by creating and delivering pre-sales technical presentations/demonstrations. Prepares...
