At a Glance
- Tasks: Lead SAP GRC Security & Risk initiatives, ensuring secure access management and risk accountability.
- Company: Join Pentland, a global leader in sports and outdoor brands, committed to innovation and performance.
- Benefits: Enjoy flexible working options, professional development opportunities, and a vibrant company culture.
- Why this job: Be at the forefront of access governance, driving impactful change across global operations.
- Qualifications: 3+ years in SAP GRC Access Control; strong communication and stakeholder engagement skills required.
- Other info: Work in a dynamic, collaborative environment with a focus on continuous improvement.
The predicted salary is between 48000 - 72000 £ per year.
GRC Security & Risk Lead
Department: IT | Location: Bangalore
Reports to: Global VP IT Delivery & Project Portfolio Management
Direct Reports: 0
WHAT’S THE MISSION FOR THIS ROLE?
The SAP GRC Security & Risk Lead will play a pivotal role in elevating Pentland’s SAP access governance by enabling transparency, risk accountability, and secure access management across all global SAP environments.
This role will own the configuration, monitoring, and continuous improvement of our SAP GRC platform (v12.0), working in close partnership with business leads to embed access governance and risk ownership into daily operations. By combining deep technical knowledge with strong business engagement, this role ensures SAP access risks are visible, mitigated, and aligned to audit and compliance expectations.
Through cross‑functional collaboration, the GRC Security & Risk Lead will drive adoption of standardised, business‑led access control practices across all brands and regions, supporting the enterprise ambition to modernise systems, improve performance, and reduce risk.
WHAT DOES THIS ROLE DO?
1. GRC Platform Ownership & Security Administration
- Administer SAP GRC Access Control (ARM, ARA, BRM, EAM) in alignment with the global access governance framework.
- Maintain and monitor risk rule sets, mitigation controls, role design and firefighter configuration in SAP GRC.
- Oversee SAP user access provisioning and approval workflows, supporting ECC environments.
- Support global adoption of the GRC platform through performance tuning, process optimisation, and issue resolution.
- Ensure the system operates in line with audit expectations and compliance standards.
2. Business Engagement & Risk Transparency
- Act as the key liaison between IT and business stakeholders across Finance, HR, Supply Chain, and Commercial functions.
- Lead regular business review sessions to surface unresolved violations, review mitigation controls, and drive access accountability.
- Educate business users on GRC usage, risk ownership and compliance responsibilities.
- Champion transparency and standardisation in access governance processes across all regions and brands.
3. Process Governance & Continuous Improvement
- Manage the joiner‑mover‑leaver (JML) process for SAP users, ensuring timely and compliant access changes.
- Collaborate with Internal Audit to align controls, reporting and documentation to regulatory expectations.
- Review and reengineer SAP roles in partnership with role owners to ensure they reflect business operating models and reduce SoD risk.
- Document key access control processes and maintain audit‑ready evidence and reporting.
WHAT DO I BRING TO THE ROLE?
Leadership & Stakeholder Engagement
- Strong communication and facilitation skills; able to run effective business review sessions with senior non‑technical stakeholders.
- Proven ability to work cross‑functionally with business teams and influence risk ownership without direct authority.
- A proactive mindset, driving issues to resolution and continuously seeking improvement opportunities.
Technical & Functional Expertise
- 3+ years of hands‑on experience with SAP GRC Access Control (preferably version 10.x or 12.0).
- Knowledge of SAP user provisioning, role design and SoD risk management in ECC.
- Experience in configuring and managing mitigation controls, risk analysis and Firefighter ID processes.
- Familiarity with audit, compliance and access governance best practices.
Mindset & Culture Fit
- A structured, process‑oriented individual with attention to detail and a pragmatic mindset.
- Comfortable working in a matrixed, global environment with varied stakeholder expectations.
- Demonstrates ownership, energy and resilience in a dynamic change environment.
KEY PERFORMANCE METRICS THE ROLE INFLUENCES & CONTROLS
- GRC system adoption and performance
- Risk visibility and mitigation adherence
- Access control compliance (audit findings, SoD violations)
- Stakeholder satisfaction with GRC processes
- Business review completion rates and follow‑through
- Efficiency of user provisioning and access governance processes
GRC Security & Risk Lead employer: PENTLAND
Contact Detail:
PENTLAND Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land GRC Security & Risk Lead
✨Tip Number 1
Familiarise yourself with the latest features and updates of SAP GRC Access Control, especially version 12.0. This knowledge will not only help you in interviews but also demonstrate your commitment to staying current in the field.
✨Tip Number 2
Network with professionals who are currently working in GRC roles or have experience with SAP systems. Engaging in discussions about best practices and challenges can provide valuable insights and may even lead to referrals.
✨Tip Number 3
Prepare to discuss specific examples of how you've successfully managed risk and compliance in previous roles. Highlighting your hands-on experience with SAP user provisioning and role design will set you apart from other candidates.
✨Tip Number 4
Showcase your ability to communicate complex technical concepts to non-technical stakeholders. Being able to bridge the gap between IT and business functions is crucial for this role, so prepare examples that illustrate your communication skills.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in SAP GRC Access Control and risk management. Use specific examples that demonstrate your technical expertise and leadership skills, particularly in cross-functional collaboration.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and how your background aligns with the mission of elevating access governance. Mention your proactive mindset and ability to drive issues to resolution, as these are key attributes for this position.
Highlight Relevant Skills: Clearly outline your experience with SAP GRC, including any specific modules you've worked with. Emphasise your understanding of audit and compliance standards, as well as your ability to engage with non-technical stakeholders effectively.
Showcase Continuous Improvement Initiatives: Provide examples of how you've previously contributed to process optimisation or performance tuning in your past roles. This will demonstrate your commitment to continuous improvement, which is crucial for the GRC Security & Risk Lead position.
How to prepare for a job interview at PENTLAND
✨Understand the GRC Landscape
Familiarise yourself with the SAP GRC Access Control modules, especially version 12.0. Be prepared to discuss how you have previously managed risk rule sets and user access provisioning, as this will demonstrate your technical expertise.
✨Showcase Your Communication Skills
Since this role involves liaising with various business stakeholders, practice articulating complex technical concepts in a way that non-technical individuals can understand. Highlight any past experiences where you've successfully facilitated discussions or led review sessions.
✨Demonstrate Proactive Problem-Solving
Prepare examples of how you've identified issues and driven them to resolution in previous roles. This could involve improving processes or enhancing compliance measures, showcasing your proactive mindset and continuous improvement approach.
✨Emphasise Cross-Functional Collaboration
Be ready to discuss your experience working with different departments such as Finance, HR, and Supply Chain. Illustrate how you've influenced risk ownership and fostered collaboration without direct authority, which is crucial for this position.