Legend Biotech is seeking Manager, SAP Security and GRC as part of the US IT team based in Somerset, NJ. 

Role Overview

As a SAP Security and GRC team member, you will play a critical role in ensuring the security and compliance of SAP systems, with a particular focus on SAP S/4HANA and GRC AC systems and their components. You will leverage experience in SAP Security to support end-to-end project implementations, testing support, and compliance activities. Additionally, your expertise in GxP regulations and pharmaceutical requirements will enable you to design solutions that meet regulatory compliance standards.

Key Responsibilities  

• SAP Security Implementation: Support end-to-end SAP Security project implementations, including security design, role development, testing support, cut-over preparation, and hypercare activities, with a focus on SAP S/4HANA and GRC AC systems.


• Role-based Access Controls: Design and develop SAP security roles and role-based access controls (RBAC) to ensure proper user access and segregation of duties.


• SAP GRC Components: Implement and support GRC AC, Access Request Management, Access Risk Analysis (ARA), and Emergency Access Management (EAM) components.


• GRC Administration: Provide GRC admin support, including the maintenance of GRC AC rule sets and the management of Segregation of Duties (SoD) conflicts. Perform Segregation of Duties (SoD) analysis, analyze risks, and propose solutions to remediate or mitigate SOD violations.


• Compliance with GxP Regulations: Apply a comprehensive understanding of GxP regulations, including pharmaceutical requirements outlined in the U.S. Food and Drug Administration CFR Title 21, to ensure solutions meet compliance standards for pharmaceutical and biotechnology companies.


• Risk Assessments: Conduct periodic risk assessments to identify security gaps and recommend appropriate controls and mitigations.


• Audit Support: Support IT General Controls and SOX audit and compliance activities, including providing necessary documentation and evidence related to SAP Security and GRC.


• Security Reporting and Analysis: Create and provide SAP Security reports as needed, such as SOX and EWA reporting. Perform system analysis of SAP systems to assess impacts on security design.


• SAP Project Methods and Best Practices: Apply in-depth process knowledge of SAP project methods and best practices to ensure effective implementation and adherence to security standards.

Requirements

• A minimum of a Bachelor’s Degree in a relevant discipline, advanced degree is preferred.


• Minimum of 7 years of experience in SAP Security, with a focus on SAP S/4HANA and GRC AC systems and their components.


• Experience supporting ITGC and SOX audit and compliance activities.


• Strong understanding of SAP application security implementation methodologies, role development, GRC administration, and role-based access controls.


• Comprehensive knowledge of GxP regulations, including pharmaceutical requirements outlined in the U.S. Food and Drug Administration CFR Title 21.


• Proficiency in GRC AC rule sets and Segregation of Duties (SoD) concepts.


• Ability to generate and provide SAP Security reports, such as SOX and EWA reporting.


• In-depth understanding of SAP project methods and best practices.


• Excellent presentation and communication skills.


• Analytical mindset with the ability to perform system analysis and risk assessments.


• Experience in the pharmaceutical or biotechnology industry is highly desirable.


• Relevant certifications in SAP Security and GRC are a plus.

#LI-Hybrid

#LI-RT1