Risk Management Lead - SAP GRC / SAP S/4HANA

Cybersecurity Risk Management Lead - SAP GRC / SAP S/4HANA

12+ month contract with potential to convert FTE 100% remote working EST

Job Summary
We are seeking a highly skilled and strategic Risk Management Lead to drive and mature our enterprise risk management program within a complex SAP S/4HANA environment. This individual will be responsible for leading efforts across risk identification, assessment, mitigation, and reporting ensuring alignment with corporate goals and regulatory frameworks. The ideal candidate will have a deep understanding of risk and compliance principles, coupled with hands-on experience in SAP GRC and related security practices.
Key Responsibilities

• Lead the development and execution of enterprise IT risk management strategies and frameworks.
• Oversee implementation and optimization of SAP GRC tools (Access Control, Process Control, Risk Management), with a strong focus on integration within the SAP S/4HANA landscape.
• Partner with IT, cybersecurity, audit, and compliance teams to ensure a cohesive approach to risk governance.
• Support large-scale transformation and migration projects, including S/4HANA rollouts, ensuring risk and compliance standards are embedded throughout.
• Conduct risk assessments across systems and business processes to identify, evaluate, and prioritize enterprise risk.
• Design and enhance security roles, segregation of duties (SoD), and access control policies aligned with regulatory requirements (e.g., SOX, GDPR).
• Manage risk and compliance dashboards and provide executive-level reporting using SAP reporting and analytics tools.
• Serve as the subject matter expert and escalation point for enterprise risk-related matters.
• Mentor junior team members and collaborate with cross-functional teams to build a risk-aware culture across the organization.

Qualifications

• 7+ years of experience in cybersecurity, risk management, or GRC roles, preferably within large-scale enterprise environments.
• Deep experience with SAP GRC tools and strong working knowledge of SAP S/4HANA security and compliance features.
• Strong understanding of regulatory frameworks such as SOX, GDPR, ISO 27001, NIST, etc.
• Proven experience developing and managing risk programs or frameworks at a strategic level.
• Demonstrated ability to lead cross-functional initiatives and influence without direct authority.
• Exceptional communication and presentation skills; able to convey complex risk topics to technical and non-technical audiences.
• Relevant certifications such as CISA, CRISC, CISSP, or SAP GRC certifications are a plus.
• Bachelor s degree in Information Security, Computer Science, Business, or a related field; Master s degree preferred.

Preferred Skills and Tools

• SAP Modules: FI, CO, MM, and others
• Risk management platforms and tools (e.g., RSA Archer, ServiceNow GRC)
• Experience with identity & access management (IAM) best practices
• Familiarity with audit management and controls testing
• Experience leading or supporting internal or external audit engagements