Assistant Manager – SAP & Non-SAP IT Compliance Monitoring (User Access Management)

Metro Global Solution Center (MGSC) is internal solution partner for METRO, a €31.6 Billion international wholesaler with operations in 32 countries through 630 stores & a team of 85,000 people globally. Metro operates in a further 10 countries with its Food Service Distribution (FSD) business, and it is thus active in a total of 34 countries.

MGSC, location wise is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide IT & Finance, HR, Media, Strategy, Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 10 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

Website: https://www.metro-gsc.in
Company Size: 800-850Headquarters: Pune, Maharashtra, IndiaType: Privately HeldInception: 2011

We are seeking a detail-oriented and proactive Assistant Manager to oversee SAP and Non-SAP IT compliance monitoring with a primary focus on User Access Management (UAM). The role involves ensuring adherence to internal controls, regulatory requirements, and corporate policies related to user access, segregation of duties (SoD), and system security across enterprise applications. The ideal candidate will have strong knowledge of IT compliance frameworks, SAP and non-SAP systems, and hands-on experience in access risk management.

Key Responsibilities:

• Monitor and review user access controls for SAP and non-SAP applications to ensure compliance with organizational policies and regulatory standards (e.g., SOX, GDPR).
• Manage user access provisioning, modification, and revocation processes to ensure appropriate authorization levels and prevent unauthorized access.
• Conduct regular access reviews and certification campaigns involving business stakeholders to validate user access rights.
• Identify and resolve Segregation of Duties (SoD) conflicts and access risks through remediation and risk acceptance processes.
• Collaborate with IT, security teams, and business units to enforce IT compliance policies and implement controls related to user access management.
• Develop and maintain compliance monitoring reports and dashboards for management review.
• Support internal and external audits by providing documentation, evidence, and responses related to user access controls and compliance status.
• Assist in the development and enhancement of policies, procedures, and workflows around access management.
• Lead and mentor junior team members in compliance monitoring activities and user access governance.
• Stay updated with industry best practices, regulatory changes, and emerging trends in IT compliance and user access management.
  

Qualifications

Required Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, or related field.
• Minimum 9 years of experience in IT compliance, audit, or governance roles with a focus on SAP and non-SAP user access management.
• Strong understanding of IT control frameworks such as SOX, COBIT, ISO 27001, and knowledge of ITGC (IT General Controls).
• Hands-on experience with SAP GRC (Governance, Risk, and Compliance) tools or equivalent SAP security tools.
• Familiarity with non-SAP systems access management and compliance monitoring tools.
• Experience in managing access reviews, SoD conflict analysis, and remediation.
• Knowledge of user provisioning tools (e.g., SailPoint, Oracle Identity Manager) is a plus.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.
  

Additional Information

Preferred Skills:

• Certifications such as CISA, CISM, or SAP Security certification.
• Experience working with global or multi-location organizations.
• Strong stakeholder management and presentation skills.