BRP Inc.

SAP Security & IT Compliance Specialist

BRP Inc.$80K — $110K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Information Technology, Computer Science, or a related field.
  • 5+ years of experience in SAP Security, GRC Access Control, or IT Compliance.
  • Demonstrated experience in ITGC/SOX testing and control remediation.
  • Experience working with auditors and within GRC functions in a regulated environment.
  • Solid knowledge of SAP authorization concepts, roles, and profiles.

Responsibilities

  • Manage and maintain SAP user access, roles, and authorizations based on Least Privilege and Segregation of Duties principles.
  • Support configuration, monitoring, and operation of SAP GRC Access Control components: ARA, ARM, EAM, and BRM.
  • Review and remediate SoD conflicts and critical access risks across SAP environments.
  • Execute periodic testing and validation of ITGCs in SAP and related systems.
  • Provide audit evidence and documentation to support internal and external auditors.
  • Identify control gaps, recommend remediation plans, and track corrective actions to closure.
  • Align SAP security practices with global frameworks and standards such as NIST CSF and ISO 27001.

Benefits

  • Flexible working environment with hybrid options.
  • Opportunities for continuous learning and professional development.
  • Collaboration with cross-functional teams and external auditors.
  • Engagement in significant projects influencing SAP environments.
Full Job Description
The SAP Security & Compliance Specialist is responsible for maintaining the integrity, confidentiality, and availability of BRP's SAP Security landscape while ensuring continuous compliance with corporate governance and regulatory requirements such as SOX ITGC, NIST CSF, and ISO 27001.

This role provides operational and governance support for SAP access management, controls monitoring(SOx), and audit readiness, in close collaboration with the IT Compliance , Internal Audit, and SAP Security teams.
YOU'LL HAVE THE OPPORTUNITY TO:

SAP Security & Access Control
  • Manage and maintain SAP user access, roles, and authorizations in alignment with the principle of Least Privilege and Segregation of Duties (SoD).
  • Support the configuration, monitoring, and operation of SAP GRC Access Control (AC) components: ARA, ARM, EAM, BRM.
  • Review and remediate SoD conflicts and critical access risks across SAP environments (ECC, S/4HANA, BW, Fiori).
  • Participate in SAP system audits, ensuring all key security controls are implemented and tested effectively.

IT SOX (ITGC) Control Monitoring
  • Execute periodic testing and validation of IT General Controls (ITGCs) in SAP and related systems (e.g., user provisioning, role changes, privileged access, and system configuration).
  • Provide audit evidence, walkthroughs, and documentation to support both internal and external auditors.
  • Identify control gaps, recommend remediation plans, and track corrective actions to closure.
  • Support continuous monitoring of control effectiveness and compliance dashboards in collaboration with GRC teams.

Compliance & Governance
  • Align SAP security practices with global frameworks and standards such as NIST CSF, ISO 27001, and COBIT.
  • Maintain up-to-date documentation for control design, process workflows, and risk assessments.
  • Assist in defining and maintaining SAP Security Policies, Standards, and Guidelines.
  • Contribute to the development and automation of compliance reporting through tools such as Power BI, GRC dashboards, and audit management platforms.

Collaboration & Advisory
  • Partner with IT, Cybersecurity, and Business Process Owners to ensure that SAP controls are integrated within business processes.
  • Provide advisory support to projects impacting SAP environments (e.g., S/4HANA migrations, system integrations, or cloud deployments).
  • Act as a liaison between InfoSec GRC, Internal Audit, and external auditors.
YOU'LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:

Education & Experience
  • Bachelor's degree in Information Technology, Computer Science, or related field.
  • 5+ years of experience in SAP Security, GRC Access Control, or IT Compliance.
  • Demonstrated experience in ITGC/SOX testing and control remediation.
  • Experience working with auditors and GRC functions in a regulated environment.

Technical Skills
  • Solid knowledge of SAP authorization concepts, roles, and profiles.
  • Hands-on experience with SAP GRC AC (ARA, ARM, BRM, EAM).
  • Familiarity with S/4HANA, SAP Fiori, and cloud-hosted SAP environments.
  • Knowledge of compliance frameworks: SOX, NIST CSF, COBIT, ISO 27001, and GDPR.
  • Strong understanding of access management, risk analysis, and incident response principles.

Soft Skills
  • Analytical mindset and problem-solving skills.
  • Ability to communicate complex technical issues clearly to non-technical stakeholders.
  • Proactive, detail-oriented, and capable of managing multiple priorities.
  • Fluent in English and French.


#LI-Hybrid

About BRP Inc.

BRP Inc. is a Canadian company that designs, develops, manufactures, distributes, and markets powersports vehicles and propulsion systems. The company's products include Ski-Doo and Lynx snowmobiles, Sea-Doo watercraft, Can-Am on- and off-road vehicles, Alumacraft and Manitou boats, Evinrude and Rotax marine propulsion systems, and Rotax engines for karts, motorcycles, and recreational aircraft. BRP was founded in 1942 and is headquartered in Valcourt, Quebec.
Learn more about BRP Inc.
Size
19,500 employees
Market Cap
$2.7 billion
Industry
NASDAQ

Similar Jobs

More Jobs at BRP Inc.

More Information Technology Jobs

Find similar SAP Security & IT Compliance Specialist jobs: