SAP and GRC Security Analyst

Date: Feb 21, 2024

Location: TAMPA, Florida, US, 33607

Company: Gerdau

This position is open for domestic candidates only.


The SAP and GRC Security Analyst II is a senior level technologist, under minimal supervision of the Sr Manager, Security or Manager, Security, functioning as an SAP security expert. The incumbent will serve as the lead for implementing and maintaining several critical compliance-based projects and on-going SAP security efforts.     



The SAP and GRC Security Analyst II will work within the Security function of the IT department. This role will report to the Sr Manager, Security or Manager, Security, and may receive daily guidance from the Team Lead, Security.  This role will not have any direct reports. However, this role will provide guidance and support to others within the IT organization. 



The SAP Security Analyst II is responsible for reviewing existing SAP profiles to develop and implement solutions to SAP security controls issues through coordination with the functional and technical users.  This role will function as the security strategist, following current best practices and aligning all teams with these decisions.  Additionally, this role is responsible for developing and maintaining roles within SAP, and for provisioning and de-provisioning users in SAP. 



  • Bachelor’s degree, combined with 3-5 years of experience in SAP Security and Compliance.  

  • Industry-recognized certifications are desirable

  • Fluent in English. Portuguese is desirable. 

  • Problem solving skills including providing alternative approaches using cost-benefit comparisons, identifying potential impacts of problems, and solving team problems. 

  • Exceptional analytical, conceptual, and problem-solving abilities.

  • Ability to prioritize and execute tasks and experience working in a team-oriented, collaborative environment.

  • Working technical knowledge of company supported hardware, software, and operating systems including configuration and connectivity. 

  • Good written, technical documentation, and oral communication skills, with ability to present ideas in user-friendly language.  

  • Strong customer service skills. 

  • Continually keep up to date with the latest security trends, threats, emerging technologies, etc. 



  1. Interacting with Gerdau associates, customers, vendors and suppliers to meet service levels.
  2. Work closely with the business understanding and proposing solutions for a better user experience and onboarding.
  3. Responsible for working independently on projects, and implementing and maintaining IT security solutions in an Global SAP environment across multiple.
  4. Recording, communicating,  and resolving technical and non-technical issues.
  5. Manage requests received via the Service Desk and other channels.
  6. Work closely with the MSSP and IAM teams and IT areas to ensure the implementation of IAM and protection measures.
  7. Record, communicate and resolve tech and no technical issues.
  8. Mentor and train other team members.
  9. Write and maintain technical documentation.
  10. Capable to understand SAP security issues and propose solutions..


The SAP & GRC Security Analyst II will be responsible for the following additional rresponsibilities:

  1. Serve as the primary contact for coordinating SAP security efforts with regards to staff and audit requests.
  2. Work closely with functional areas, Audit, and within the global IT team to ensure identified audit findings or security weaknesses are tracked and remediated.
  3. Be able to provision and de-provision users and roles with appropriate SAP security levels.
  4. Update and create profiles within SAP while maintaining a secure controls environment.
  5. Be able to configure, deploy and manage SAP Security Roles, Profiles and Authorizations across multiple SAP systems
  6. Develop and maintain a Segregation of Duties solution for the SAP environment (e.g. HR/Payroll, BASIS, Security Administration, and BI).
  7. Maintain a high level of confidentiality.
  8. Successfully manage multiple priorities and deadlines.
  9. Take initiative in finding solutions to difficult and/or sensitive problems.
  10. Communicate effectively with non-technical individuals helping them understand risk and security options. 
  11. Take initiative in finding solutions to difficult and/or sensitive problems.


Nearest Major Market: Tampa