Business Analyst - GRC & Security

Business Analyst GRC & Security

About the Role

We are looking for a Business Analyst (GRC & Security) to assist a large SAP transformation project.

In this role, you will support the design of SAP roles and you will also spend up to 50% of your time supporting the Security workstream, helping to ensure the SAP platform is secure and audit-ready for go-live.

This role offers the chance to shape processes, strengthen compliance, and work closely with technical teams, business stakeholders, and programme leadership.

Key Responsibilities

• SAP Roles & Authorisations Support role design, conduct authorisation testing, and document access requirements.
• GRC Framework Assist with GRC tool configuration, compliance reporting, and collection of audit evidence.
• SoD Analysis Review and analyse Segregation of Duties conflicts, propose remediation, and support business alignment.
• UAT & Documentation Support User Acceptance Testing, prepare process documentation, and deliver training materials for end users.
• Security Workstream Contribute up to 50% of time reviewing security testing outputs, tracking remediation actions, and preparing status reports for leadership.

About You

• Experience as a Business Analyst within ERP, SAP and GRC projects.
• Knowledge of SAP roles, authorisations, and SoD principles is highly desirable.
• Strong analytical skills with the ability to document requirements and processes clearly.
• Exposure to audit, compliance or IT security practices.
• Excellent communication skills with the ability to work across technical and business teams.
• Organised, detail-oriented, and comfortable working in a fast-paced programme environment.