SAP Identity Governance & Compliance Analyst

About the Role

We are looking for a SAP Identity Governance & Compliance Analyst to join our IT team. This role is responsible for securing user access across SAP systems while ensuring compliance with regulatory requirements such as SOX and ICFR, as well as internal corporate policies.

The position plays a critical role in preventing fraud, supporting accurate financial reporting, maintaining audit readiness, and ensuring secure SAP access across the organization.

Key Areas of Responsibility & Duties

SAP Security Administration & Governance

• Manage SAP user provisioning, role assignments, license impacts, and deprovisioning across SAP landscapes (S/4HANA, BDC, SAC).
• Support SAP authorization concepts aligned to least privilege and role-based access control (RBAC).
• Initiate quarterly User Access Reviews (UARs) for SAP and support business owners during access recertifications.
• Support role design and redesign initiatives for ongoing SAP projects and upgrades.
• Review high-risk access requests and escalate concerns to leadership when necessary.

Segregation of Duties & Risk Management

• Monitor, analyze, and remediate SoD violations using Soterion.
• Recommend role redesign, mitigating controls, and access adjustments to reduce SoD risk.
• Assist in maintaining rule sets, risk libraries, and mitigating control documentation.
• Conduct SAP access risk assessments and impact analysis for new roles and access requests.

Compliance & Audit Support

• Support internal and external audits (SOX, ICFR) by providing evidence and documentation.
• Track remediation efforts and ensure timely closure of audit findings.

Qualifications and Skills

Required

• 2–5+ years of experience in SAP Security, SAP GRC, Identity Governance, or IT compliance.
• Strong understanding of SAP authorization concepts (roles, profiles, catalogs)
• Knowledge of compliance frameworks (SOX, ICFR).
• Experience analyzing and remediating Segregation of Duties issues.
• Strong documentation, analysis, and communication skills.
• Strong in English both written and verbal.

Preferred

• Experience with SAP S/4HANA and Fiori security.
• Strong understanding of business processes (P2P, O2C, FICO, MM, PM).
• Operational business background with desire for SAP security

Soft Skills

• Detail-oriented with strong analytical abilities
• Ability to communicate technical concepts to non-technical users
• Strong organizational and time management skills
• Ability to work independently and collaboratively across teams

Additional Assets

• Mining industry experience is an asset.
• Experience with Soterion GRC is an asset.
• SharePoint and SharePoint Solutions and ITSM tools highly desired.

📌 We offer a collaborative global environment, exposure to enterprise SAP landscapes, and the opportunity to play a key role in governance and compliance.