The contract ends on 13/10/2025
Reporting to the Head of IT Controls
Hybrid role with 1 day a week in the office
Salary: £30k - 40k (depending on the experience and training needed)
About your role:
As an Identity and Access SAP Advisor, you will define & communicate access role ownership accountabilities for business applications within SAP, create and maintain IAM Processes, define, document and execute processes and procedures for the provisioning, reviewing (User Access Reviews) and de-provisioning of user accounts and access rights. You will also support regulatory compliance evidence requests, as required (e.g. UK Corp Gov, SOX, Financial Controls etc.)
About your responsibilities:
* Create processes for User Access Reviews for in-scope systems - Primarily SAP
* Support different areas of the SAP estate
* Perform reviews at least bi-annually on each system
* Generate playbooks for User Access Reviews, Segregation of Duties & Leavers processing
* Provide relevant evidence to auditors, internal and external while working with business analysts to create & manage “Digital Personas”
* Map rights to roles to ensure least privilege is maintained
* Assist in the design and implementation of JML Processes, ensuring the adoption of least privilege to all accounts and overall good practice
* Generate and maintain educational and training information for system owners, outlining their responsibilities and the expectations of them.
About You - knowledge, skills, and experience:
* Knowledge of SAP Authorisations and Access Control
* Knowledge of Cyber Security, tools and solutions
* Knowledge of Information Security methods
* A minimum of 3-5 years in a related Identity or information security role
* Ability to engage and communicate with key stakeholders
* Clear, articulate, and confident communicator
* Strong reading and writing abilities, capable of articulating complex topics to a wide audience in an understandable manner
Desirable, but not essential:
* Experience and/or knowledge with SOX Compliance
* Security+ (CompTIA)
* Microsoft security qualifications
* Experience or knowledge of ISO27001 certification
* Experience or knowledge of PCI-DSS certification
* Experience or knowledge of Azure Active Directory
If this sounds like you, we would love to speak further. Please click to apply or register your interest.
#J-18808-Ljbffr