Sr SAP Security Analyst

About RS Group

Across the industrial design, manufacturing and maintenance worlds, we’re the digital destination for product and service solutions to help our customers with the maintenance, repair and operation of their businesses. We provide global access to an unrivalled range of over 750,000 stocked industrial products. Each day our team of experts deliver solutions to resolve our customer’s challenges across design, procurement, inventory and maintenance. We consistently strive to deliver the best possible service to all of our customers and challenge ourselves to provide a seamless procurement experience.

We are one team. We deliver brilliantly. We do the right thing. We make every day better. These are our values. They unite our c.9,000 global colleagues and differentiate us from our competition. They are a mix of how we work today and how we must step up for the future. Most importantly, it is one set of values shaped by our people, for our people.

Together, we can make great things happen. Aim for amazing and beyond.

This role sits within the SAP Security & Compliance function, a high-impact team responsible for protecting the integrity of our SAP systems and ensuring effective access governance across the organization. The team works closely with business and IT partners to balance security, compliance, and operational efficiency, making it a collaborative and strategic area within the company.

It’s a strong environment for growth and development, offering exposure to complex security challenges and opportunities to work on meaningful initiatives such as role design, Segregation of Duties (SoD) analysis, audit support, and process optimization. The team plays a key role in enabling secure business operations while continuously improving controls and user experience.

About the Role

Role Purpose

The Senior SAP Security Analyst is responsible for leading the design, implementation, and governance of SAP security and access controls across the enterprise. This role ensures that user access is appropriately provisioned, compliant with internal policies and regulatory requirements, and aligned with business needs. The senior analyst also drives continuous improvement of security processes, provides guidance to junior team members, and partners with stakeholders to manage risk while enabling efficient operations.

Responsibilities

• Ensure SAP compliance procedures align with Group-level Information Security policies.
• Utilize proficiency in SAP systems, applications, and processes.
• Develop and maintain SAP security architecture and controls.
• Design, create and manage user profiles, roles, and authorizations in SAP, ensuring role-based access control is appropriately structured and implemented.  Be responsible for designing standards for profiles, roles and authorisations (e.g. naming standards, security granularity, etc.) and ensure these are enforced by the team.
• Ensure technical debt is addressed e.g. historical implementations have a clear roadmap for corrective action to simplify, standardise and ultimately tighten security.
• Actively monitor and control the access rights of users.
• Manage SAP Security using SAP Governance, Risk, and Compliance (GRC) solutions, utilizing Access Control and Process Control.
• Actively work to improve your teams Ways of Working to drive efficiency and drive higher standards through process improvements, documentation (e.g. standards, procedures, policies).
• Work closely with your manager to support the process of demand management and team capacity management ensuring the teams backlog is prioritised and tracked.
• Maintain the integrity and security of global systems and networks.
• Support security initiatives through both predictive and reactive analysis.
• Articulate emerging trends to leadership and staff and drive initiatives that improve our ways of working, tooling and security management.
• Define and recommend actions to mitigate security risks and actively manage through to resolution.
• Work with RS Group Security team to ensure compliance with PCI and NIST security requirements.
• Develop and maintain comprehensive security policies and procedures in line with RS Group Information Security policies.
• Lead the development and deployment of company-wide security training.
• Compile and submit required security compliance reports to pertinent agencies and internal stakeholders where relevant.
• Work closely with functional business teams to implement mitigating actions and controls.
• Work closely with project teams to ensure Security design is incorporated into project governance and delivery, particularly during early phases of large programmes or projects where security design sign-off is a formal stage gate within project governance.
• Work closely with the SAP teams to embed new technologies ensuring they are safe, secure and compliant (e.g. BTP, EWM, etc.)
• Manage 3rd party shared service providers to ensure they meet our security SLA’s and KPI’s and comply to our processes, procedures and standards.  Where remediation is required, work closely with 3rd parties to actively manage and course correct any issues, risks that have been identified.

How I make a difference in this role

I am a seasoned professional with extensive expertise in SAP systems, applications, and processes, coupled with a profound understanding of SAP security architecture and controls. My experience encompasses SAP Governance, Risk, and Compliance (GRC) solutions, particularly Access Control and Process Control. I am well-versed in regulatory standards and best practices related to SAP security. My exceptional analytical and problem-solving skills are matched by my ability to communicate complex security issues effectively to stakeholders at all levels. I have a proven track record in managing user roles and authorizations, conducting comprehensive security audits, ensuring strict compliance with policies, and addressing security incidents with detailed root cause analysis. In my senior capacity, I lead the lifecycle management of certificates and oversee audit processes to ensure our SAP compliance procedures are in alignment with Group-level Information Security policies. I am entrusted with maintaining the integrity and security of global systems and networks, driving security initiatives through both predictive and reactive analysis, and conveying emerging trends to leadership and staff. I define strategic actions to mitigate security risks and spearhead projects to ensure adherence to RS Group security requirements. Furthermore, I develop and uphold robust security policies and procedures, lead the creation and implementation of company-wide security training programs, compile and submit essential security compliance reports, and work in close partnership with functional business teams to implement effective mitigating actions and controls.

Candidate Requirements

Essential Skills & Experience

• 5+ years of experience in an SAP Security related role
• Minimum of 5 years’ experience in an Information Security role
• Excellent written and oral communication skills
• Self-motivated and able to work in an independent manner
• Experience and proficiency in various security-related toolsets and best practices
• Strong understanding of SAP GRC

Desirable Skills & Experience

• College degree or equivalent experience in an IT related function
• Certification in SAP GRC

#LI-HYBRID #LI-CC1