SAP Security Specialist

SAP Security Specialist Requisition ID: 15470 Location: Chicago, IL, US, 60631Nashville, TN, US, 37214 Pay Type: Salary Estimated Wage Range $67,200 - $127,600/Annually COMPANY OVERVIEW Amrize is building North America. From bridges and railways to data centers, schools, offices and homes, our solutions are inside the buildings and infrastructure that connect people and advance how we live. And we invite you to come and build with us. As the partner of choice for professional builders, we offer advanced branded solutions from foundation to rooftop. Wherever our customers are, whatever their job, weu2019re ready to deliver. Our 19,000 colleagues work across 1,000 sites supported by an unparalleled distribution network. Infrastructure, commercial and residential, new build, repair and refurbishment: Weu2019re in every construction market. Amrize listed on the New York Stock Exchange and the SIX Swiss Exchange on June 23, 2025, following our spinoff as an independent company. Join us and build _your_ ambition. Learn more at ( Description: Weu2019re seeking aSAP Security Specialistwhou2019s ready to put your skills to work on projects that matter u2014 and build a career with a company thatu2019s building North America. Job Title: SAP Security Specialist Req ID: 15470 Location: Chicago Office IL, Building Envelope - Corp Nashville, TN ABOUT THE ROLE Design, architect, and maintain a world-class SAP security ecosystem encompassing sophisticated role-based access controls, GRC (Governance, Risk, and Compliance) frameworks, and advanced security protocols to safeguard enterprise systems and ensure strict adherence to regulatory compliance standards. As a strategic security partner, you will implement industry-leading best practices, conduct proactive risk assessments, and drive continuous improvement initiatives that fortify system integrity, prevent unauthorized access, and ensure seamless operational continuity across the organization's SAP landscape. WHAT YOU'LL ACCOMPLISH + Orchestrate SAP Change Management: Lead and manage complex changes across the SAP ecosystem, ensuring secure, controlled implementations in production environments while maintaining zero-tolerance for security vulnerabilities. + Role Engineering & Optimization: Design, architect, and continuously refine SAP security roles and authorization profiles, ensuring alignment with evolving business requirements, organizational structure, and least-privilege access principles. + Segregation of Duties (SoD) Management: Conduct comprehensive risk analysis and simulations using GRC tools at technical role, position, and user levels to identify, remediate, and prevent critical SoD conflicts and sensitive access violations. + Service Delivery Excellence: Monitor and resolve SAP Security tickets and incidents through ServiceNow, ensuring exceptional service delivery while consistently meeting or exceeding established SLAs. + Advanced Troubleshooting: Analyze and diagnose complex permission-related errors within SAP systems, utilizing deep technical expertise to classify, resolve, or appropriately escalate issues to ensure rapid resolution. + Audit Log Analysis & Forensics: Perform detailed analysis of SAP audit logs and security events to support investigations, respond to security incidents, and fulfill compliance and regulatory requirements. + GRC Administration & Enhancement: Maintain and optimize GRC systems, including regular updates to rulesets, risk matrices, and compliance frameworks to ensure real-time risk visibility and regulatory alignment. + Audit & Compliance Management: Serve as the primary point of contact for internal and external audits, ensuring full compliance with SOX, GDPR, HIPAA, or other applicable regulations through meticulous documentation and control implementation. + Critical Access Controls: Enforce stringent controls on critical SAP objects, transactions, and administrative functions, implementing security guardrails that align with organizational risk tolerance and industry best practices. + Security Transformation Projects: Drive and deliver strategic security projects, collaborating cross-functionally to implement innovative solutions that enhance the organization's security posture. + Process Automation & Optimization: Identify opportunities for security process improvements, designing and implementing automation solutions that reduce manual effort, minimize errors, and accelerate response times. + Continuous Improvement: Proactively recommend, prototype, and deploy enhancements to the security model that leverage emerging technologies, industry trends, and lessons learned from security assessments. + Additional Strategic Initiatives: Execute special projects and additional responsibilities as assigned by leadership to support organizational objectives. + Demonstrate a commitment to communicating, improving and adhering to health, safety and environmental policies in all work environments and areas. Promote a culture of safety and exhibit these behaviors. RESPONSIBILITIES & TASKS + Other responsibilities as assigned WHAT WEu2019RE LOOKING FOR Education: Bachelor's degree Additional Education Preferred: Master's degree Field of Study Preferred: Computer science, engineering, and IT-related sciences Required Work Experience: u2022 Minimum 5 years of hands-on experience in SAP Security administration and architecture u2022 Proven track record in enterprise-scale SAP environments (ECC, S/4HANA) u2022 Demonstrated expertise in GRC implementations and security compliance frameworks Required Training/Certifications: u2022 SAP Certified Technology Associate - System Security Architect u2022 SAP GRC Access Control certification u2022 CISSP, CISM, or equivalent information security certification u2022 ITIL Foundation or higher Required Technical Skills : u2022 SAP Security: Expert-level knowledge of SAP authorization concepts, role design, profile generation, and user administration u2022 GRC Solutions: Advanced proficiency in SAP GRC Access Control, including risk analysis, access request management, and ruleset configuration u2022 Compliance Frameworks: Working knowledge of SOX, GDPR, ISO 27001, or similar regulatory standards u2022 ServiceNow or ITSM platforms: Experience managing incidents and change requests Additional Requirements : + Successful candidates must adhere to all safety protocols and proper use of Amrize approved Personal Protection Equipment (

Created: 2026-02-06