Track Manager - IT General Controls (ITGC), SAP S/4HANA Security
Poland
Job Description
Others, Małopolskie

Job Summary

GRC L3 - This role drives operational excellence in managing regulatory compliance, SAP Security, and GRC frameworks for large-scale environments. The individual ensures adherence to SOX ITGC and GDPR requirements, delivers continuous process improvements, and leads teams to meet client SLAs through expert application of compliance and security best practices. They play a key role in fostering innovation, optimizing business processes, and ensuring robust information security controls.

 

• Proven experience in leading and executing compliance & risk management processes
• Well versed, with hands-on experience, in defining, establishing and implementing policies, processes and controls for compliance and certification to ISO27001
• Strong foundation and experience in data privacy, specifically catering to the requirements outlined in GDPR, DORA and NIS2
• Experience in conducting Privacy Impact Assessments, security breach management and executing privacy controls
• Expertise in risk management, including conducting risk assessments, gap analysis and remediation
• Perform testing of internal controls specified in Information Security Policies and perform internal audit reviews to assess the effectiveness of current information security controls
• Experience in end-to-end ISAE 3402 SOC reporting
• Experience in performing remediation activities based on gaps found in audit reviews
• Conduct regular training on Client Security Policy and Standard requirements
• Present reports and recommendations on information security and related issues
• Ensure timely and effective corrective actions are taken to correct deficiencies and provide status reporting
• Liaise with security and operational teams to ensure confidentiality, integrity and availability of customer information
• Excellent understanding of and experience in IT infrastructure management, including Networks, Data Centre Operations, Service Management/Service Desk, Server Management, etc.
• Regulations knowledge: DORA, NIS2, GDPR, UK DPA, Privacy Shield

Key Responsibilities

1. Oversee SAP Security and GRC operations by administering user access management, segregation of duties, and role design in SAP GRC, ensuring compliance with SOX IT General Controls and GDPR.
2. Direct regulatory compliance management by implementing and maintaining controls and monitoring mechanisms using SAP GRC tools to meet SOX, GDPR, and internal audit requirements.
3. Lead the identification and resolution of complex SAP security issues using SAP GRC Access Control and Risk Analysis, ensuring operational risks are mitigated and compliance objectives are achieved.
4. Guide the development and optimization of compliance processes by leveraging SAP GRC Process Controls and automation tools, driving operational efficiency, and enhancing reporting accuracy.
5. Mentor and empower support teams by providing expert knowledge in SAP Security, GRC, and regulatory frameworks, fostering a culture of transparency, accountability, and continuous improvement.
6. Innovate operational strategies by evaluating emerging technologies and regulatory trends, recommending improvements for SAP Security and compliance processes to enhance organizational resilience.
7. Ensure timely and effective communication of compliance requirements, audit findings, and remediation actions using SAP GRC reporting features, facilitating alignment with client and organizational goals.

 


Skill Requirements

1. Excellent understanding of SOX IT General Controls and GDPR compliance frameworks.
2. Advanced proficiency in regulatory compliance management within SAP environments.
3. Expert skills in process optimization, audit management, and risk analysis using SAP GRC tools.
4. Excellent ability to lead, mentor, and empower technical and support teams in operational settings.
5. Strong analytical and problem-solving skills with a focus on continuous operational improvement.


 

Other Requirements

1. SAP Certified Application Associate - SAP Access Control (recommended).
2. Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) certifications are optional but valuable.

 

 


Why HCLTech?

At HCLTech, you'll supercharge your potential. You'll find your career. And you'll find your spark. All at a place that knows that helping its customers stay on top starts by putting its people first.

HCLTech is a global technology company, home to more than 226,300 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending December 2025 totaled $14.5 billion.

Benefits

At HCLTech, we believe in empowering our employees with comprehensive benefits that support their professional growth and enhance their well-being. When you sign up for a career with us, you gain access to:

• Industry-benchmarked compensation
• Best-in-class healthcare benefits
• Personal time off
• Maternity and paternity benefits
• Access to skills / higher education programs/resources
• Discounts on products and services via Benefit Box
• Participate in CSR programs and live life with a purpose
• Opportunities to grow and advance your career

Note: The benefits listed above vary depending on the nature of your employment and the country where you work. Some benefits may be available in some countries but not in all.