Browse
···
Log in / Register
Summary: We are seeking a GRC Access Control Manager to strengthen our global IT team, managing SAP authorizations and roles to ensure correct access rights and protect critical data. Highlights: 1. Own and continuously enhance the global SAP Access Control operating model 2. Drive Segregation of Duties (SoD) governance and risk analysis 3. Partner with IAM and SAP Security/Authorization teams for consistent role design **About the Role** We are seeking an **GRC Access Control Manager** to strengthen our global IT team. In this role, you will manage SAP authorizations and roles across our worldwide systems, ensuring users have the correct access rights while protecting critical data and applications. You will be at the forefront of maintaining security, compliance, and efficiency within Symrise’s SAP ecosystem. **Key Responsibilities** * Own and continuously enhance the global SAP Access Control operating model, including request workflows, approvals, provisioning controls, emergency access, and periodic review processes. * Embed GRC\-by\-design into SAP programs and rollouts (ECC/S/4HANA and beyond), ensuring access governance and control requirements are considered early in project planning and execution. * Manage and optimize access request processes via GRC, including role\-based access, privileged access (Firefighter/EAM), and compliant approval flows aligned with audit expectations and business needs. * Drive Segregation of Duties (SoD) governance, including rule set maintenance, risk analysis, mitigation workflows, and remediation planning together with process and control owners. * Establish and run access review and recertification activities (periodic reviews), ensuring strong manager visibility, clear accountability, and measurable completion/quality rates. * Partner with IAM and SAP Security/Authorization teams to ensure consistent role design principles, clean interfaces between systems, and high\-quality identity/authorization data across the tool chain. * Deliver reporting and transparency for stakeholders (business and IT), including SoD risk posture, firefighter usage, review progress, and key control KPIs. * Support internal/external audits by providing evidence, control narratives, and continuous improvement actions for GRC\-related findings and control enhancements. * Develop, maintain, and communicate policies, procedures, and user guidance for access governance \- ensuring clarity, usability, and adoption across regions and functions. * Enable and train stakeholders (requestors, approvers, role owners, key users) on GRC processes, decision responsibilities, and best practices to reduce cycle times and improve control quality. * Act as a proactive problem\-solver for access\-related incidents and process breakdowns, driving root\-cause analysis and sustainable remediation. **About you** * Proven experience in SAP Access Control (request workflows, SoD analysis, firefighter/emergency access, access reviews), ideally in global enterprise environments. * Strong understanding of SAP authorization concepts and the practical interaction between role design, provisioning, controls, and business processes (ECC/S/4HANA). * Demonstrated ability to design and operate scalable access governance processes, aligning security, compliance, and business efficiency goals. * Strong analytical and problem\-solving capabilities, including the ability to translate control requirements into clear workflows, rulesets, and actionable stakeholder guidance. * Excellent communication and stakeholder management skills in international environments, including facilitation with business owners, IT teams, audit/compliance, and external partners. * A proactive, structured, and customer\-focused mindset \- able to lead improvements, drive adoption, and deliver measurable results without formal direct authority. * Fluency in English (written and spoken). German (and/or French, Spanish) is a strong advantage for collaboration with regional units. * Typically 5\+ years of relevant experience in SAP security/authorizations, GRC access control, IAM governance, or compliance\-related access management roles. * Certifications are a plus, but hands\-on delivery and stakeholder impact are key. **Location** ### **Location** Spain – Barcelona – Join our **Data \& AI Hub** located in Poblenou! This role follows a **hybrid work model** ### **✨ What We Offer** ✅ Competitive salary \& benefits ✅ Private health \& life insurance ✅ Hybrid work model in Poblenou \+ ✅ International, innovative team Job Reference: EA03491
