Programme Manager – GRC Security
About the Role
We are seeking an experienced Programme Manager with GRC Security experience to lead the GRC workstream through a large SAP transformation.
This role will be accountable for delivering a robust framework covering Roles & Authorisations, GRC and Security readiness to enable a secure, compliant and successful go-live.
Key Responsibilities
Roles & Authorisations
- Lead the design and delivery of SAP roles and authorisations, ensuring alignment with business processes.
- Manage Segregation of Duties (SoD) risks and drive effective remediation.
- Oversee and support User Acceptance Testing (UAT) for role and access validation.
- Act as a subject matter expert on compliance best practices.
Governance, Risk & Compliance (GRC)
- Implement and embed the programme’s GRC framework.
- Track and report on compliance KPIs, control effectiveness and risk posture.
- Ensure collection and maintenance of audit-ready evidence.
- Drive proactive risk identification, assessment, and mitigation.
Security Readiness
- Lead the implementation of Single Sign-On (SSO) and identity management solutions.
- Review and interpret security testing results, ensuring timely remediation.
- Triage and manage security issues, with focus on critical go-live blockers.
- Ensure security standards and controls are fully integrated into solution design.
About You
- Proven experience managing governance, risk, and compliance workstreams in large-scale SAP or ERP programmes.
- Strong expertise in SAP roles, authorisations and SoD principles.
- Hands-on experience with GRC frameworks, audit processes, and risk management.
- Good understanding of security practices including SSO and access management.
- Excellent leadership, stakeholder management, and communication skills.
- Strong problem-solving ability with a focus on delivery and business outcomes.