SAP GRC (Government, Risk, and Compliance) Analyst

Austin, Texas, United States
Corporate Functions


Weekly Hours: 40
Role Number:200390388
As a part of Apple's SAP Business Governance team, the GRC analyst will be responsible for delivering three core departmental responsibilities: Segregation of Duties (SoD) Analysis, GRC Administrator, and User Provisioning Support. As part of SOx 404 compliance, SoD adherence is a key element to many controls. The GRC (Government, Risk, and Compliance) Business Governance team is responsible for governing the processes and systems that have been established to manage SoD rules and policies in compliance with regulatory requirements and as mandated / defined by the SoD steering committee. As part of this team, you will engage with many groups to resolve, review, separate access, as well as manage our SoD tool (GRC Access Control) and support regulatory access controls.

Key Qualifications

  • - 3+ years of business experience
  • - Experience analyzing SoD risks
  • - Experience identifying, analyzing, and mitigating controls for SoD conflicts
  • - Ability to review user IDs/roles with respect to SoD resolutions
  • - SAP Security administration experience
  • - Hands on experience with SAP GRC Access controls and provisioning
  • - Experience in project management is a plus
  • - Experience in managing and working with global, diverse teams
  • - Experience working with global companies and a strong global mindset with a solid understanding of cultural differences
  • - Ability to work independently while managing multiple priorities in an unstructured, global and virtual environment
  • - Excellent communication and negotiation skills in addition to the ability to deal effectively with ambiguity


- Work closely with business partners, IS&T, Internal and External Auditors to identify, document, and resolve or escalate problems within SAP systems/user access to meet regulatory requirements. - Review SAP standard and custom transactions for SoD impact. - Develop, administer and monitor GRC ruleset, mitigations, alerts, reports and any system technical issues such as upgrades and UAT. - Administer GRC roles, reports, role validations and system technical issues such as upgrades and UAT. - Manage SAP SoD conflicts and help define mitigating controls for waivers. - Perform trend analysis on problems including but not limited to identifying, documenting, troubleshooting, reporting and/or resolving provisioning and SAP GRC system issues. - Coordinate and manage UAT for provisioning tool and GRC for projects - Develop and maintain documentation for both new and existing business and system processes

Education & Experience

BS degree in Management of Information Systems (or equivalent experience)

Additional Requirements