Title:  SAP Security Senior Analyst

Requisition ID:  3714

Atlanta, GA, US, 30328

Department:  Information Technology
Travel:  Up to 25%

If you are a GPI employee, please click the Employee Login before applying.


At Graphic Packaging International, we produce the paper cup that held your coffee this morning, the basket that transported those bottles of craft beer you enjoyed last weekend, and the microwave tray that heated your gourmet meal last night. We’re one of the largest manufacturers of paperboard and paper-based packaging for some of the world’s most recognized brands of food, beverage, foodservice, household, personal care and pet products. Headquartered in Atlanta, Georgia, we are collaborative, diverse, innovative individuals who create inspired packaging while giving back to our communities. 


With over 25,000 employees working in more than 130 locations worldwide, we strive to be environmentally responsible in our industry and in the communities where we operate. We are committed to workplace diversity and offer compensation and benefits programs that are among the industry’s best to reward the talented people who make our company successful.


If this sounds like something you would like to be a part of, we’d love to hear from you.


A World of Difference. Made Possible.




The SAP Security Senior Analyst works under the direction of the SAP Security Manager and will require working out of our HQ location in Atlanta.  This position is responsible for maintaining SAP security roles and profiles within the GPI SAP landscape and keeping it aligned with GPI’s Information Security policies and IT General Controls framework. The Sr. Analyst partners with cross functional teams to ensure a secure and auditable SAP environment. The Sr. Analyst works to achieve security and audit compliance and provides input to all SAP Security related policies, procedures, control sets, and best practices.  The Sr. Analyst will support and administer the SAP GRC application and ensure it is operating effectively and efficiently.





  • Provide 2nd and 3rd level support for SAP security incidents and SAP provisioning requests.
  • Execute SAP provisioning requests leveraging the SAP GRC Access Control capabilities.
  • Scope and collect SAP security requirements for business and technology sponsored projects or enhancements.
  • Develop SAP security solutions to support business needs and in alignment with GPI’s financial controls framework.
  • Maintain existing SAP users, security roles and SAP GRC processes.
  • Provide training and documentation for SAP security and SAP GRC processes.
  • Provide support for SAP instances related to security.
  • Represent the IT Governance, Risk & Compliance team as a subject matter expert on the topics of SAP Security and SAP GRC system.
  • Lead small projects and key project tasks on large projects.
  • Work with internal and external auditors to provide evidence requests via the AuditBoard system.
  • Act as the primary responsible person for supporting and administering the SAP GRC Access Control application and ensure it is configured, maintained, and operating effectively and efficiently.
  • Ensure emergency access provisioning procedures and operations in SAP GRC Access Control remain compliant with established GPI Information Security policies.
  • Ensure that SAP Security and SAP GRC processes comply with security methodology and technical standards.
  • Manage to resolution all SAP Security audit exceptions as reported by Internal Audit department.
  • Assist with SAP License measurement and audit rounds.
  • Resolve break-fix items related to authorizations and access in SAP systems.
  • Document role, objects, and user access for auditing purposes.
  • Coordinate necessary testing of security changes.
  • Ensure that proper change control around SAP security activities is followed.
  • Participate in change management calls and present SAP security related changes to the change advisory boards when required.
  • Train control owners on use of SAP GRC for elevated access reviews.
  • Document and maintain standard operating procedures for SAP Security processes.
  • Use of the ServiceGPI system for tracking incidents and changes.
  • Use of the OneTrust GRC platform for tracking of control owner reviews.
  • Maintain the SAP GRC control matrices and mappings used for segregation of duties evaluations conducted at GPI.




General Knowledge & Skills

  • Excellent written and verbal communication skills.
  • Ability to effectively communicate up, down and across, including and not limited to, presenting new ideas and solutions pertaining to SAP Security and GRC to leadership.
  • Ability to handle highly confidential information in a strictly professional manner.
  • Ability to work well under pressure.
  • Strong analytical skills.
  • Proven ability to self-manage and work with minimal supervision.
  • Strong understanding of prevailing practices in the SAP Security and GRC domain.


Technical Knowledge & Skills:

  • 10+ years' experience with SAP Security Design, Implementation and Administration.  Demonstrated experience in a leading capacity defining SAP security on SAP implementations is required. 
  • Solution experience in a manufacturing industry is desired.
  • 5+ years' experience in configuring, deploying, integrating, and maintaining SAP GRC 12.x.  Experience in using and/or implementing third-party bolt-on GRC enhancements would be a plus.  The ideal candidate would have a proven experience integrating GRC with SAP, non-SAP, on-prem and SaaS applications for user access provisioning, SOD risk analysis, KPIs, etc.
  • Strong and proven experience with all aspects of SAP authorizations in ECC, APO, BI/BW, CRM, SCEM, S/4HANA, SAP Enterprise Portal, HANA database, Fiori, SLT, MDG, Business Objects, HCM, SuccessFactors.
  • Experience with Organizational Level creations and maintenance.
  • Strong understanding of Structural Profiles.
  • General knowledge of business processes within Finance, Financial Close, Sales, MM/IM, Order-To-Cash, Purchase-To-Pay, and Employee Central is a plus.
  • Expertise in analyzing and resolving complex authorization problems utilizing SAP standard tools.
  • Good handle on controls principles, risks, and overall awareness of the corporate security posture.


Education & Professional Credentials:

  • Bachelor's degree in a relevant discipline (Computer Information Systems, Information System Technologies, Management Information Systems, Computer Science, or equivalent experience).
  • Relevant certifications from SAP or those from other professional organizations such as CISA, CISM, CISSP, etc. would be a plus.




  • Integrity and Trust 
  • Action Oriented
  • Customer Focus
  • Planning
  • Timely Decision Making
  • Problem Solving 
  • Learning on the Fly
  • Composure
  • Dealing with Ambiguity
  • Business Acumen
  • People skills



Pay Range:   $93,030.00 - $124,005.00


Graphic Packaging is an Equal Opportunity Employer. All candidates will be evaluated on the basis of their qualifications for the job in question. We do not base our employment decision on an employee's or applicant's race, color, religion, age, gender or sex (including pregnancy), national origin, ancestry, marital status, sexual orientation, gender identity, genetic identity, genetic information, disability, veteran/military status or any other basis prohibited by local, state, or federal law. Click here to view the Poster, EEO is the Law.


Nearest Major Market: Atlanta