We’re seeking a SAP Security Specialist who’s ready to put your skills to work on projects that matter — and build a career with a company that’s building North America. 

Job Title: SAP Security Specialist   |   Req ID: 15470   |   HR Contact: Stuart Zweighaft   |   Location: Chicago Office IL

This position can be based in Chicago or Tennessee.

ABOUT THE ROLE

Design, architect, and maintain a world-class SAP security ecosystem encompassing sophisticated role-based access controls, GRC (Governance, Risk, and Compliance) frameworks, and advanced security protocols to safeguard enterprise systems and ensure strict adherence to regulatory compliance standards. As a strategic security partner, you will implement industry-leading best practices, conduct proactive risk assessments, and drive continuous improvement initiatives that fortify system integrity, prevent unauthorized access, and ensure seamless operational continuity across the organization's SAP landscape.

WHAT YOU'LL ACCOMPLISH

• Orchestrate SAP Change Management: Lead and manage complex changes across the SAP ecosystem, ensuring secure, controlled implementations in production environments while maintaining zero-tolerance for security vulnerabilities.
• Role Engineering & Optimization: Design, architect, and continuously refine SAP security roles and authorization profiles, ensuring alignment with evolving business requirements, organizational structure, and least-privilege access principles.
• Segregation of Duties (SoD) Management: Conduct comprehensive risk analysis and simulations using GRC tools at technical role, position, and user levels to identify, remediate, and prevent critical SoD conflicts and sensitive access violations.
• Service Delivery Excellence: Monitor and resolve SAP Security tickets and incidents through ServiceNow, ensuring exceptional service delivery while consistently meeting or exceeding established SLAs.
• Advanced Troubleshooting: Analyze and diagnose complex permission-related errors within SAP systems, utilizing deep technical expertise to classify, resolve, or appropriately escalate issues to ensure rapid resolution.
• Audit Log Analysis & Forensics: Perform detailed analysis of SAP audit logs and security events to support investigations, respond to security incidents, and fulfill compliance and regulatory requirements.
• GRC Administration & Enhancement: Maintain and optimize GRC systems, including regular updates to rulesets, risk matrices, and compliance frameworks to ensure real-time risk visibility and regulatory alignment.
• Audit & Compliance Management: Serve as the primary point of contact for internal and external audits, ensuring full compliance with SOX, GDPR, HIPAA, or other applicable regulations through meticulous documentation and control implementation.
• Critical Access Controls: Enforce stringent controls on critical SAP objects, transactions, and administrative functions, implementing security guardrails that align with organizational risk tolerance and industry best practices.
• Security Transformation Projects: Drive and deliver strategic security projects, collaborating cross-functionally to implement innovative solutions that enhance the organization's security posture.
• Process Automation & Optimization: Identify opportunities for security process improvements, designing and implementing automation solutions that reduce manual effort, minimize errors, and accelerate response times.
• Continuous Improvement: Proactively recommend, prototype, and deploy enhancements to the security model that leverage emerging technologies, industry trends, and lessons learned from security assessments.
• Additional Strategic Initiatives: Execute special projects and additional responsibilities as assigned by leadership to support organizational objectives.
• Demonstrate a commitment to communicating, improving and adhering to health, safety and environmental policies in all work environments and areas. Promote a culture of safety and exhibit these behaviors.

RESPONSIBILITIES & TASKS

• Other responsibilities as assigned

WHAT WE’RE LOOKING FOR

Education:  Bachelor's degree  

Additional Education Preferred:  Master's degree

Field of Study Preferred:  Computer science, engineering, and IT-related sciences

Required Work Experience: 

• Minimum 5 years of hands-on experience in SAP Security administration and architecture

• Proven track record in enterprise-scale SAP environments (ECC, S/4HANA)

• Demonstrated expertise in GRC implementations and security compliance frameworks

Required Training/Certifications: 

• SAP Certified Technology Associate - System Security Architect

• SAP GRC Access Control certification

• CISSP, CISM, or equivalent information security certification

• ITIL Foundation or higher

Required Technical Skills: 

• SAP Security: Expert-level knowledge of SAP authorization concepts, role design, profile generation, and user administration

• GRC Solutions: Advanced proficiency in SAP GRC Access Control, including risk analysis, access request management, and ruleset configuration

• Compliance Frameworks: Working knowledge of SOX, GDPR, ISO 27001, or similar regulatory standards

• ServiceNow or ITSM platforms: Experience managing incidents and change requests

Additional Requirements: 

• Successful candidates must adhere to all safety protocols and proper use of Amrize approved Personal Protection Equipment ("PPE"), including but not limited to respirators. Subject to applicable law, employees that are required to wear respirators must be clean shaven where the respirator seal meets the face in order to pass the qualitative and quantitative fit tests.

Amrize is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

We thank all applicants for their interest; however, only those selected for an interview will be contacted.