GRC & Security Lead

We're Pentland Brands; a dynamic, global family business, and proud owners and licensees of many iconic active and footwear brands . With a community of over 1,300 team members worldwide, we embrace diversity and inclusion, and champion growth and development. Our success is built on teamwork, courage, innovation, and an unwavering commitment to excellence.

We are recruiting for a GRC & Security Lead at our Bangalore Office.

WHAT'S THE MISSION FOR THIS ROLE

The SAP GRC Security & Risk Lead will play a pivotal role in elevating Pentland's SAP access governance by enabling transparency, risk accountability, and secure access management across all global SAP environments.

This role will own the configuration, monitoring, and continuous improvement of the our SAP GRC platform (v12.0), working in close partnership with business leads to embed access governance and risk ownership into daily operations. By combining deep technical knowledge with strong business engagement, this role ensures SAP access risks are visible, mitigated, and aligned to audit and compliance expectations.

WHAT DOES THIS ROLE DO

1. GRC Platform Ownership & Security Administration

• Administer SAP GRC Access Control (ARM, ARA, BRM, EAM) in alignment with the global access governance framework.
• Maintain and monitor risk rule sets, mitigation controls, role design and firefighter configuration in SAP GRC.
• Oversee SAP user access provisioning and approval workflows, supporting ECC environments.
• Support global adoption of the GRC platform through performance tuning, process optimisation, and issue resolution.
• Ensure the system operates in line with audit expectations and compliance standards.

2. Business Engagement & Risk Transparency

• Act as the key liaison between IT and business stakeholders across Finance, HR, Supply Chain, and Commercial functions.
• Lead regular business review sessions to surface unresolved violations, review mitigation controls, and drive access accountability.
• Educate business users on GRC usage, risk ownership, and compliance responsibilities.
• Champion transparency and standardisation in access governance processes across all regions and brands.

3. Process Governance & Continuous Improvement

• Manage the joiner-mover-leaver (JML) process for SAP users, ensuring timely and compliant access changes.
• Collaborate with Internal Audit to align controls, reporting, and documentation to regulatory expectations.
• Review and reengineer SAP roles in partnership with role owners to ensure they reflect business operating models and reduce SoD risk.
• Document key access control processes and maintain audit-ready evidence and reporting.

WHAT DO I BRING TO THE ROLE

Leadership & Stakeholder Engagement

• Strong communication and facilitation skills; able to run effective business review sessions with senior non-technical stakeholders.
• Proven ability to work cross-functionally with business teams and influence risk ownership without direct authority.
• A proactive mindset, driving issues to resolution and continuously seeking improvement opportunities.

Technical & Functional Expertise

• Overall 10 years with 3+ years of hands-on experience with SAP GRC Access Control (preferably version 10.x or 12.0).
• Knowledge of SAP user provisioning, role design, and SoD risk management in ECC.
• Experience in configuring and managing mitigation controls, risk analysis, and Firefighter ID processes.
• Familiarity with audit, compliance, and access governance best practices.

Mindset & Culture Fit

• A structured, process-oriented individual with attention to detail and a pragmatic mindset.
• Comfortable working in a matrixed, global environment with varied stakeholder expectations.
• Demonstrates ownership, energy, and resilience in a dynamic change environment.

KEY PERFORMANCE METRICS THE ROLE INFLUENCES & CONTROLS

• GRC system adoption and performance
• Risk visibility and mitigation adherence
• Access control compliance (audit findings, SoD violations)
• Stakeholder satisfaction with GRC processes
• Business review completion rates and follow-through
• Efficiency of user provisioning and access governance processes

We want you to live our company principles, bringing a strong consumer focus, while always looking for ways to improve and grow in your role. Take ownership of your work and be proactive in solving problems whilst communicating openly and treating everyone with respect and kindness. And, of course, let your creativity shine by bringing your unique style and individuality to the Pentland Brands Team.