SAP Security & GRC Lead

The Opportunity

QuidelOrtho unites the strengths of Quidel Corporation and Ortho Clinical Diagnostics, creating a world-leading in vitro diagnostics company with award-winning expertise in immunoassay and molecular testing, clinical chemistry and transfusion medicine. We are more than 6,000 strong and do business in over 130 countries, providing answers with fast, accurate and consistent testing where and when they are needed most – home to hospital, lab to clinic.

Our culture puts our team members first and prioritizes actions that support happiness, inspiration and engagement. We strive to build meaningful connections with each other as we believe that employee happiness and business success are linked. Join us in our mission to transform the power of diagnostics into a healthier future for all.

Key Responsibilities

• Design, build, and maintain SAP security roles across multiple systems (ECC, BW, S/4HANA, BTP, Ariba).

• Perform Segregation of Duties (SoD) analysis and remediation using SAP GRC Access Control.

• Maintain and manage SoD rule sets, including updates, risk reviews, and alignment with business processes.

• Manage end-to-end user access lifecycle (provisioning, modification, de-provisioning).

• Administer and support SAP GRC Access Control modules, including: Access Request Management (ARM)Access Risk Analysis (ARA)Emergency Access Management (EAM)

• Ensure compliance with internal controls, audit requirements, and regulatory standards.

• Actively support internal and external audits, including evidence gathering, control validation, and remediation of findings.

• Perform user license analysis and optimization to ensure cost efficiency and compliance.

• Collaborate with business and functional teams to design secure and efficient role structures.

• Monitor and troubleshoot security-related issues across SAP systems.

• Drive continuous improvement in security processes, automation, and governance.

Required Skills & Qualifications

• Minimum 5+ years of hands-on SAP Security & GRC experience.

• Strong expertise in: SAP Role Design & Authorization Concepts SoD Risk Analysis and Mitigation SoD Rule Set Maintenance and Governance SAP GRC Access Control (AC 10.x / 12.x) including BRF+ and MSMP

• Experience with Fiori security and catalog/role design

• Experience supporting multiple SAP environments: SAP ECCSAP BWSAP S/4HANASAP BTPSAP AribaSAP Fiori

• Knowledge of user licensing models and optimization strategies.

• Strong familiarity with audit processes (SOX, internal/external audits).

• Strong understanding of SAP authorization objects, profiles, and role transport processes.

• Experience with firefighter ID management and emergency access controls.

• Ability to work independently and manage multiple priorities in a fast-paced environment

Preferred Qualifications

• Knowledge of SAP Identity Management (IdM) or other Products like MS Entra Id

• Exposure to cloud security concepts within SAP BTP.

• SAP Security or GRC certification is a plus.

• Exposure to CPRGRC would be a plus

Soft Skills

• Strong analytical and problem-solving abilities

• Excellent communication and stakeholder management skills

• Ability to translate business requirements into security solutions

• Detail-oriented with a focus on compliance and governance

Originally posted on Himalayas