Job Description
At Zimmer Biomet, we believe in pushing the boundaries of innovation and driving our mission forward. As a global medical technology leader for nearly 100 years, a patient’s mobility is enhanced by a Zimmer Biomet product or technology every 8 seconds.
As a Zimmer Biomet team member, you will share in our commitment to providing mobility and renewed life to people around the world. To support our talent team, we focus on development opportunities, robust employee resource groups (ERGs), a flexible working environment, location specific competitive total rewards, wellness incentives and a culture of recognition and performance awards. We are committed to creating an environment where every team member feels included, respected, empowered and recognised.
What You Can Expect
The SAP GRC Access Control Lead serves as a lead-level individual contributor responsible for the design, configuration, administration, and continuous improvement of SAP GRC Access Control and SAP IAG Bridge solutions. This role partners closely with SAP security, audit, internal controls, and business stakeholders to ensure appropriate access governance, segregation of duties compliance, and sustainable security controls across the SAP landscape.
The Lead provides deep functional and technical expertise in SAP GRC Access Control, supports IT SOX and compliance activities, and drives high-quality solution delivery for access risk analysis, access request workflows, emergency access, and role governance. The role influences standards, leads complex workstreams, and provides subject matter guidance to peers and project teams, while remaining an individual contributor rather than a direct people manager.
Work Location: Bangalore
Work Mode: Hybrid (3 Days in office)
Shift Timing - 3:00 PM to 12:00 AM
How You'll Create Impact
• Configure, test, administer, and enhance SAP GRC Access Control and SAP IAG Bridge solutions.
• Lead the design and optimization of SAP security roles and access control frameworks that support compliant, scalable business operations.
• Serve as the subject matter expert for key SAP GRC Access Control capabilities, including Access Risk Analysis and Remediation (ARA), Access Request Management (ARM), Emergency Access Management (EAM), and Business Role Management (BRM).
• Evaluate segregation of duties risks, control effectiveness, and access governance requirements, and recommend sustainable remediation strategies.
• Develop, maintain, and improve SAP GRC-related processes, procedures, standards, and documentation.
• Partner with audit, compliance, internal controls, and business teams to support IT SOX requirements, control testing, and audit readiness.
• Lead or significantly contribute to complex projects, enhancements, and system implementations impacting SAP access controls and governance.
• Analyze business requirements and translate them into secure, practical access control designs and role-based solutions.
• Troubleshoot complex issues related to SAP GRC configuration, role design, provisioning workflows, and risk rulesets.
• Provide expert guidance, knowledge sharing, and informal mentoring to team members and cross-functional stakeholders.
• Coordinate deliverables across project participants, including external partners or contract resources, as needed, without direct people management accountability.
• Identify opportunities to streamline access governance, improve control automation, and strengthen the overall SAP security operating model.
What Makes You Stand Out
• Advanced expertise in implementing, configuring, and supporting SAP GRC Access Control, including:
– Access Risk Analysis and Remediation (ARA)
– Access Request Management (ARM)
– Emergency Access Management (EAM)
– Business Role Management (BRM)
• Experience implementing, configuring, and maintaining SAP IAG Bridge and related cloud-based identity and access governance capabilities.
• Strong knowledge of SAP security architecture, role design, authorization concepts, and implementation methodologies.
• Strong understanding of segregation of duties frameworks, access risk management, and mitigating controls.
• Solid understanding of user access provisioning, security administration, and access lifecycle processes.
• Ability to assess business processes and translate control, compliance, and security requirements into effective technical solutions.
• Strong knowledge of SAP application security concepts, governance practices, and audit expectations.
• Demonstrated ability to lead complex assignments and influence stakeholders without formal supervisory authority.
• Strong analytical, problem-solving, organizational, and critical thinking skills.
• Excellent written and verbal communication skills, with the ability to communicate effectively across technical and non-technical audiences.
• Ability to work independently, manage competing priorities, and adapt effectively in a changing environment.
• Collaborative mindset with a focus on quality, accountability, and continuous improvement.
• Understanding of Zimmer Biomet’s business environment and compliance expectations preferred.
Your Background
Required:
• 7+ years of relevant experience in SAP GRC Access Control implementation, configuration, administration, and support.
-SAP IAG Bridge
- Access Risk Analysis and Remediation (ARA), Access Request Management (ARM), Emergency Access Management (EAM), and Business Role Management (BRM).
• Demonstrated experience leading complex SAP access control or security initiatives as a senior individual contributor.
• Bachelor’s degree in Information Technology, Information Systems, Cybersecurity, or a related field.
Preferred:
• Master’s degree in business, technology, or a related field.
• SAP GRC certification.
• Experience with SAP GRC 12.0 preferred (10.x acceptable if accompanied by strong relevant experience).
• CISA, CISSP, or similar relevant certification.
Travel Expectations
Up to 10%
EOE/M/F/Vet/Disability