Title:  SAP Security & GRC Manager

If you are a GPI employee, please click the Employee Login before applying.

At Graphic Packaging International, we produce the paper cup that held your coffee this morning, the basket that transported those bottles of craft beer you enjoyed last weekend, and the microwave tray that heated your gourmet meal last night. We’re one of the largest manufacturers of paperboard and paper-based packaging for some of the world’s most recognized brands of food, beverage, foodservice, household, personal care and pet products. Headquartered in Atlanta, Georgia, we are collaborative, diverse, innovative individuals who create inspired packaging while giving back to our communities. 

With over 25,000 employees working in more than 130 locations worldwide, we strive to be environmentally responsible in our industry and in the communities where we operate. We are committed to workplace diversity and offer compensation and benefits programs that are among the industry’s best to reward the talented people who make our company successful.

If this sounds like something you would like to be a part of, we’d love to hear from you.

A World of Difference. Made Possible.

Role Summary

Reporting to the Director of Cybersecurity – Identity & Access Management, this role is responsible for managing security and controls across GPI’s global SAP landscape, ensuring alignment with corporate security policies and SOX compliance.

Core functions include:

•     Partnering with Business Teams to deliver secure, auditable SAP solutions that meet operational needs.

•     Driving audit readiness and contributing to SAP security policies, procedures, control frameworks, and best practices.

•     Overseeing the execution of security tasks for ongoing projects and implementations, ensuring adherence to established security methodologies and design standards.

•     Managing the global SAP security team (employees and contractors), ensuring high-quality and timely deliverables.

Key Responsibilities

• Lead SAP Security Strategy & Architecture: Own the global SAP security design template and define security architecture for new applications, interfaces, and initiatives. Ensure alignment with security methodologies, SOX, and design standards.
• Access Control & Compliance Management: Define and implement access controls across SAP applications. Act as control owner for ITGC items such as emergency access, user provisioning, and access reviews. Ensure adherence to GPI’s change control processes.
• Audit, Risk & SOX Compliance: Serve as the primary liaison with Compliance, Audit, and Cybersecurity teams. Manage audit inquiries, lead SOX remediation efforts, conduct periodic reviews, and support risk assessments and mitigation strategies.
• SAP GRC Ownership & Governance: Act as the business owner and SME for SAP GRC, overseeing administration, configuration, and project delivery (e.g., updates, enhancements). Monitor control effectiveness and report on key performance indicators.
• Project Leadership & Integration Support: Lead SAP security efforts across projects, including M&A integrations. Collaborate with IT and business stakeholders to gather requirements, design secure solutions, and ensure timely delivery.
• Team & Resource Management: Manage and supervise a global team of SAP security professionals, including employees and contractors. Oversee task assignments, ensure quality and timeliness of deliverables, and provide mentorship and performance guidance.
• Policy Development & User Education: Develop and maintain SAP security policies, procedures, and documentation. Educate business users and advise Finance Compliance on SAP security, SOD, and SOX best practices.
• Operational Oversight & Optimization: Analyze support and change tickets to identify process improvements. Manage SAP user licensing, coordinate maintenance communications, and drive continuous improvement in security operations.

Qualifications

General Skills

• Strong written and verbal communication
• Analytical and detail-oriented
• Ability to manage confidential information professionally
• Effective under pressure and in fast-paced environments
• Leadership experience with technical teams
• Self-driven with minimal supervision
• Strategic thinker with ability to plan future workstreams
• Strong interpersonal and cross-functional communication skills

Technical Skills

• 10+ years in SAP Security design, implementation, and administration
• 5+ years of in-depth experience working with SAP GRC
• Experience across SAP modules: ECC, APO, BI/BW, CRM, SCEM, Central Finance, HANA, Fiori, Data Services, Business Objects, SuccessFactors, HCM
• Deep understanding of SAP authorization concepts (SU24, SU25, Org Levels, Structural Profiles)
• Proven ability to resolve complex authorization issues
• Good understanding of Identity Management concepts and integration with SAP, mobile, and cloud technologies
• Strong knowledge of controls, risk management, and corporate security posture

Education & Certifications

• Bachelor’s degree in Computer Science, Information Systems, or related field
• Relevant certifications: CISA, CISM, CISSP

Pay Range:   $139,575.00 - $186,100.00

GPI’s Benefit Program

• Competitive Pay
• 401(k) w/employer matching
• Health & Welfare Benefits
  • Medical, dental, vision, and prescription drug coverage
  • Short and Long-Term Disability
  • Life Insurance
  • Accidental Death & Dismemberment (AD&D) Insurance
  • Flexible Spending and Health Savings Accounts
• Various Voluntary benefits
• Adoption Assistance Program
• Employee Discount Programs
• Employee Assistance Program
• Tuition Assistance Program
• Paid Time Off + 11 paid company holidays each year

Applicants will be accepted on an ongoing basis and there is no deadline.

This role is incentive plan eligible.  Additional information will be shared during the hiring process. Each candidate’s compensation offer will be based on multiple factors including, but not limited to, knowledge, skills, past experience, job duties, geography, and business need, among other things.

Graphic Packaging is an Equal Opportunity Employer. All candidates will be evaluated on the basis of their qualifications for the job in question. We do not base our employment decision on an employee's or applicant's race, color, religion, age, gender or sex (including pregnancy), national origin, ancestry, marital status, sexual orientation, gender identity, genetic identity, genetic information, disability, veteran/military status or any other basis prohibited by local, state, or federal law. Click here to view the Poster, EEO is the Law.

​