How you will make an impact:
In this role, you act as the central technical authority for SAP authorization management and SAP GRC across METRO鈥檚 extensive SAP landscape of more than 300 systems spanning Finance, Logistics, HR, and Governance/Risk/Compliance. As a core expert within the SAP GRC Squad, you ensure that authorization processes are secure, compliant, and operationally efficient. The squad owns and maintains SAP GRC Access Control鈥攊ncluding workflows, SoD risk catalogs, firefighter concepts, and compliant provisioning鈥攁nd governs the end-to-end authorization lifecycle across ECC, S/4HANA, BW/BI, HR, Fiori, and SAP SaaS applications.
You play a critical role in shaping robust authorization concepts, integrating SAP identities with non-SAP systems (e.g., Active Directory, SSO, IDM), and ensuring adherence to audit requirements such as SOX and GDPR. By steering external providers, optimizing license-relevant authorizations, and ensuring risk- minimized, audit-ready role designs, you directly strengthen METRO鈥檚 security posture and operational resilience.
Your Responsibilities:
- Serve as the technical SAP authorization and SAP GRC expert for internal teams, external partners, auditors, and end users.
- Ensure a secure, audit-proof, and risk-free authorization setup across all SAP systems.
- Operate, enhance, and maintain SAP GRC Access Control, including compliant provisioning, risk analysis, SoD controls, and firefighter processes.
- Design and maintain SAP roles and authorization concepts across ECC, S/4HANA, Fiori, and SAP
- SaaS solutions.
- Execute PFCG role maintenance, SU01 user provisioning, and SUIM-based audit/reporting.
- Minimize license costs by optimizing authorization designs in line with SAP RISE and new licensing concepts.
- Integrate SAP authorization concepts with Fiori apps, cloud systems, SSO, IDM, and Active Directory.
- Collaborate with business stakeholders to understand end-to-end processes and translate them into secure authorization models.
- Challenge and guide external providers to ensure high-quality, compliant service delivery
- Prepare for and support internal/external audits, provide evidence, and implement remediation.
- Contribute to continuous improvement of SAP security policies, standards, and procedures.