The work we do has an impact on millions of lives, and you can be a part of it.
We help protect our customers against life’s uncertainties. Regardless of where you work within the company, you’ll be helping provide protection and peace of mind when our customers need it most.
We are seeking a self-motivated and detail-oriented SAP Role Administrator to join our IT Operations Strategic Platform Administration team. This role is responsible for the administration, governance, and lifecycle management of SAP security roles and user access, ensuring compliance with internal controls, audit requirements, and business needs.
The ideal candidate is a proactive problem solver with strong SAP security expertise, experience working within SAP GRC processes, and the ability to manage both internal stakeholders and external vendor resources to deliver high-quality role administration services.
Please note: This position requires direct, hands-on SAP Security and Role Administration experience. General SAP functional, business analyst, or end-user experience alone does not satisfy the minimum qualifications for this role.
Important: Minimum Requirements
- To be considered for this position, candidates must have:
- 3+ years of SAP Security / Role Administration experience
- Experience with SAP GRC and Segregation of Duties (SoD) controls
- Experience with SAP user provisioning, access governance, and role management
- Experience supporting audit, compliance, and access review activities
- Experience troubleshooting SAP authorization and security access issues
- Experience working in a production enterprise SAP environment
- Applicants without direct SAP Security/Role Administration experience may not be considered
Highly Preferred/Selective Qualifications:
- Experience supporting SAP FI, FSCD, or other financial SAP modules
- Experience performing User Access Reviews (UARs)
- SAP GRC certification or related SAP Security training
- Experience supporting external or internal audit activities
- Experience using ServiceNow or comparable access request systems
- Experience coordinating vendor resources
- Knowledge of SSO, LDAP, Active Directory, and Azure Entra ID
- Experience within highly regulated or compliance-driven environments
- Candidates must be authorized to work in the United States without current or future visa sponsorship
\n
Key Responsibilities:
SAP Security & Access Administration
- Administer SAP user access, including provisioning, modification, and de-provisioning of roles across SAP environments.
- Validate and interpret access requests to ensure proper role assignment aligned with job responsibilities and business requirements.
- Support and maintain SAP role structures, including workgroups, approval workflows, and access dependencies.
- Ensure compliance with segregation of duties (SoD) policies and enterprise security standards.
Application & Role Lifecycle Management
- Manage the lifecycle of SAP roles, including design support, enhancements, testing, deployment, and retirement.
- Support application upgrades, patches, and changes impacting security roles and access models.
- Maintain alignment of SAP role strategy with business processes and IT initiatives.
- Document role administration processes, job aids, and governance standards.
Audit, Risk, & Compliance
- Coordinate and execute periodic reviews to support audit and compliance requirements.
- Support GRC processes, including firefighter (emergency access) reviews, ruleset maintenance, ownership assignments, workflows, and risk analysis activities.
- Partner with internal audit and risk teams to remediate findings and strengthen access controls.
- Maintain documentation and evidence required for internal and external audits.
Vendor Management
- Provide day-to-day oversight of resources performing SAP role administration.
- Assign and prioritize work, ensuring timely and accurate completion of access requests and role changes.
- Monitor vendor performance, quality of deliverables, and adherence to SLAs.
- Drive accountability and continuous improvement in vendor-supported processes.
Operational Support & Troubleshooting
- Provide ongoing support for SAP access-related issues, including troubleshooting role assignments and authorization errors.
- Analyze and resolve access issues impacting business operations.
- Monitor role administration processes and identify opportunities for optimization and automation.
- Ensure service levels are met for access request fulfillment and support activities.
Stakeholder Collaboration
- Collaborate with business units to understand access needs and ensure appropriate role design.
- Provide guidance to users, managers, and approvers on SAP access request processes.
- Partner with IT, security, and finance teams on cross-functional initiatives impacting SAP access and controls.
- Communicate effectively with technical and non-technical stakeholders.
Qualifications:
- Bachelor’s degree in a technical field or equivalent experience.
- 3+ years of experience in SAP Security / Role Administration.
- Strong understanding of SAP role design, user provisioning, and access governance.
- Experience working within SAP GRC or similar access control frameworks.
- Strong verbal and written communication skills.
- Excellent problem-solving and multitasking abilities.
- Ability to work independently while managing competing priorities.
Preferred Experience:
- Experience supporting SAP FI, FSCD, or financial modules.
- Experience executing User Access Reviews (UARs) and supporting audit cycles.
- Familiarity with ServiceNow or similar access request and workflow systems.
- Experience managing or coordinating with external vendors
- Knowledge of authentication protocols (SSO, LDAP, Active Directory, Azure).
- Experience supporting enterprise compliance or regulatory environments.
\n
$77,000 - $94,820 a year
Protective’s targeted compensation for this position is $77,000 - $94,820. Actual salaries may vary depending on factors, including but not limited to, job location, skills, and experience. The range listed is just one component of Protective’s total compensation package for employees. This position also offers additional incentive opportunities through an annual incentive based on individual and Company performance.
\n
Employee Benefits:
We aim to protect the wellbeing of our employees and their families with a broad benefits offering. In addition to offering comprehensive health, dental and vision insurance, we support emotional wellbeing through mental health benefits and an employee assistance program. Work/life balance is important and Protective offers a variety of paid time away benefits (e.g., paid time off, paid parental leave, short-term disability, and a cultural observance day). The financial health of our employees is just as important as physical and emotional health. Some of the financial wellbeing benefits include contributions to healthcare accounts, a pension plan, and a 401(k) plan with Company matching. All employees are encouraged to protect their overall wellbeing by engaging in ProHealth Rewards, Protective’s platform to improve wellbeing while earning cash rewards.
Eligibility for certain benefits may vary by position in accordance with the terms of the Company’s benefit plans.
Accommodations for Applicants with a Disability:
If you require an accommodation to complete the application and recruitment process due to a disability, please email eric.hess@protective.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application and recruitment process.
Please note that the above email is solely for individuals with disabilities requesting an accommodation. General employment questions should not be sent through this process.
We are proud to be an equal opportunity employer committed to being inclusive and attracting, retaining, and growing an inclusive workforce.