SAP Security & GRC Lead

Req ID: 354384 

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a SAP Security & GRC Lead to join our team in Chennai, Tamil Nādu (IN-TN), India (IN).

"Role Summary:
The ERP Security & GRC Lead is responsible for overseeing the security and governance, risk, and compliance (GRC) aspects of the organization's ERP systems. This role ensures that ERP platforms are secure, compliant with internal and external regulations, and aligned with business objectives. The ideal candidate will have deep expertise in ERP security frameworks, access controls, audit processes, and risk management.
Key Responsibilities:
Security Strategy & Governance
•    Define and implement ERP security policies, standards, and procedures.
•    Lead the design and enforcement of role-based access controls (RBAC) and segregation of duties (SoD).
•    Collaborate with IT and business stakeholders to ensure secure ERP architecture and configurations.
GRC Management 
•    Monitor and analyze security incidents, providing timely responses and reporting to senior management.
•    Develop and maintain ERP GRC frameworks aligned with regulatory requirements (e.g., SOX, GDPR).
•    Conduct risk assessments and audits to identify vulnerabilities and compliance gaps.
•    Provide training and awareness programs for employees on ERP security best practices and compliance requirements.
•    Manage ERP-related incidents and coordinate remediation efforts.
Access & Identity Management
•    Oversee user provisioning, de-provisioning, and access reviews.
•    Ensure compliance with identity and access management (IAM) policies.
•    Monitor and report on access anomalies and potential breaches.
Audit & Compliance
•    Serve as the primary point of contact for internal and external audits related to ERP systems.
•    Prepare audit documentation and ensure timely resolution of findings.
•    Maintain evidence of compliance and support audit readiness.
Project Leadership
•    Lead ERP security and GRC workstreams in transformation or upgrade projects.
•    Provide subject matter expertise during ERP implementations and integrations.
•    Train and mentor team members and business users on security best practices.
Qualifications & Experience:
•    Bachelor’s degree in Information Technology, Cybersecurity, or related field.
•    7+ years of experience in ERP security and GRC, preferably with systems like SAP
•    Strong understanding of compliance frameworks (SOX, GDPR, ISO 27001).
•    Experience with GRC tools (e.g., SAP GRC).
•    Proven track record in managing audits and implementing SoD controls.
•    Excellent communication and stakeholder management skills.
Preferred Certifications:
•    CISA, CISM, CISSP, or equivalent.
•    ERP-specific certifications (e.g., SAP Security).
Key Competencies:
•    Strategic thinking and problem-solving.
•    Attention to detail and analytical mindset.
•    Ability to work cross-functionally and influence stakeholders.
•    Strong documentation and reporting skills."

About NTT DATA

NTT DATA is a $30 billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world's leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. our consulting and Industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is a part of NTT Group, which invests over $3 billion each year in R&D.

Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client’s needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, https://us.nttdata.com/en/contact-us.

NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.