Lead SAP Security, IAM, and GRC for the Retail Spine transformation. Manage role design, access controls, SoD, Firefighter, GRC Access Control, audit readiness (SOX/PCI/GDPR), IAM integration (SSO/MFA/Azure AD), SI vendor governance, and team development across S/4HANA, BTP, Fiori, and integrated systems.
Category/Area of Expertise: IT & Technology
Job Requisition: 505391
Address: USA-NC-Salisbury-2110 Executive Drive
Store Code: IT Transformation (5171438)
Ahold Delhaize USA, a division of global food retailer Ahold Delhaize, is part of the U.S. family of brands, which includes five leading omnichannel grocery brands - Food Lion, Giant Food, The GIANT Company, Hannaford and Stop & Shop. Our associates support the brands with a wide range of services, including Finance, Legal, Sustainability, Commercial, Digital and E-commerce, Technology and more.
Primary Purspose:
The Manager III, SAP Security & GRC is responsible for leading SAP Security, Identity & Access Management (IAM), and Governance, Risk & Compliance (GRC) operations in support of the Retail Spine transformation, a business led, IT enabled modernization initiative aimed at strengthening long term competitiveness, improving operational efficiency, and establishing future state enterprise capabilities. This leader manages a team of SAP security analysts and GRC specialists responsible for role design, access controls, compliance, and audit readiness across all SAP S/4HANA and integrated systems. The Manager III partners closely with the SAP Functional teams, business process owners, Audit, InfoSec, Systems Integrator, and third party technology providers to ensure secure, compliant, and scalable SAP operations that enable Retail Spine program success.
Duties & Responsibilities:• Provide strategic and operational leadership across SAP Security and GRC functions, ensuring a secure, compliant, and well-governed technical landscape spanning S/4HANA, BTP, Fiori, and all integrated systems within the RISE with SAP environment.• Own the SAP role design standard, including role catalog governance, authorization concept, segregation of duties (SoD) frameworks, mitigation controls, and access request workflows ensuring designs are clean core aligned and sustainable across the programme lifecycle.• Define and govern identity and access management integration standards, including SSO, MFA, and Azure AD/Entra ID federation, in partnership with Enterprise Security and SI architects ensuring secure, scalable identity patterns are established and enforced across the SAP landscape.• Lead SAP GRC platform operations covering Access Control (AEM, ARM, BRM, EAM), Firefighter and Emergency Access Management processes, periodic access reviews, SoD conflict analysis, and continuous controls monitoring maintaining audit-ready posture at all times.• Own SOX, PCI, GDPR, and internal and external audit readiness for the SAP landscape, including access control evidence management, risk logs, mitigation plans, and remediation tracking in close partnership with Internal Audit, External Audit, and Enterprise InfoSec.• Ensure security is embedded across the full release lifecycle covering transport reviews, role change impact assessments, interface security validations, and landscape change controls operating consistently across agile, hybrid, and waterfall delivery models.• Govern the security obligations and deliverables of the SI and vendor partners, ensuring secure solution design, adherence to established standards, quality of security-related work products, and timely risk escalation and remediation.• Partner with SAP Technology leadership and Solution Architects to define and maintain secure solution patterns, hardening standards, and security architecture aligned to the RISE with SAP shared responsibility model and Retail Spine future state architecture.• Establish and maintain KPIs and operational metrics for SAP Security and GRC functions including role change cycle time, access request SLA adherence, SoD remediation velocity, and audit finding closure rates and drive continuous improvement through automation and process optimization across IAM and GRC workflows.• Provide security leadership during go-lives, cutovers, system refreshes, environment provisioning, and major Retail Spine transformation waves ensuring security controls are validated, access is appropriately provisioned, and risk is formally accepted or mitigated prior to each milestone.• Coach and develop SAP security analysts and GRC specialists, building capability in cloud-native SAP security, BTP security patterns, identity management, and emerging technology risk fostering a strong security engineering culture aligned to the demands of a modern SAP transformation.
Basic Qualifications:• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field.• 10+ years of experience in SAP Security and SAP GRC Access Control.• 3-5+ years leading security or technical teams in large, complex SAP landscapes.• Strong hands on experience with SAP role design, SoD, Firefighter, GRC Access Control, and audit/compliance frameworks.• Working knowledge of SAP S/4HANA, HANA, Fiori, SAP BTP, and integrated security architecture.• Experience partnering with System Integrators and managing multi vendor delivery models.• Strong understanding of SOX, PCI, GDPR, and enterprise security standards.• Excellent communication, stakeholder engagement, and leadership skills.
Preferred Qualifications:• Master's degree in Cybersecurity, Technology Management, or related discipline.• SAP or security certifications (e.g., SAP Security, SAP GRC, CISM, CISSP, CISA).• Experience supporting large scale SAP transformations, including S/4HANA migrations or RISE with SAP models.• Knowledge of identity governance (IGA), privileged access management (PAM), and cloud security patterns.• Background in retail, consumer goods, or other high volume transaction environments.
At Ahold Delhaize USA, we provide services to one of the largest portfolios of grocery companies in the nation, and we're actively seeking top talent.
Our team shares a common motivation to drive change, take ownership and enable our brands to better care for their customers. We thrive on supporting great local grocery brands and their strategies.
Our associates are the heartbeat of our organization. We are committed to offering a welcoming work environment where all associates can succeed and thrive. Guided by our values of courage, care, teamwork, integrity (and even a little humor), we are dedicated to being a great place to work.
We believe in collaboration, curiosity, and continuous learning in all that we think, create and do. While building a culture where personal and professional growth are just as important as business growth, we invest in our people, empowering them to learn, grow and deliver at all levels of the business.
Job Requisition: 505391
Address: USA-NC-Salisbury-2110 Executive Drive
Store Code: IT Transformation (5171438)
Ahold Delhaize USA, a division of global food retailer Ahold Delhaize, is part of the U.S. family of brands, which includes five leading omnichannel grocery brands - Food Lion, Giant Food, The GIANT Company, Hannaford and Stop & Shop. Our associates support the brands with a wide range of services, including Finance, Legal, Sustainability, Commercial, Digital and E-commerce, Technology and more.
Primary Purspose:
The Manager III, SAP Security & GRC is responsible for leading SAP Security, Identity & Access Management (IAM), and Governance, Risk & Compliance (GRC) operations in support of the Retail Spine transformation, a business led, IT enabled modernization initiative aimed at strengthening long term competitiveness, improving operational efficiency, and establishing future state enterprise capabilities. This leader manages a team of SAP security analysts and GRC specialists responsible for role design, access controls, compliance, and audit readiness across all SAP S/4HANA and integrated systems. The Manager III partners closely with the SAP Functional teams, business process owners, Audit, InfoSec, Systems Integrator, and third party technology providers to ensure secure, compliant, and scalable SAP operations that enable Retail Spine program success.
Duties & Responsibilities:• Provide strategic and operational leadership across SAP Security and GRC functions, ensuring a secure, compliant, and well-governed technical landscape spanning S/4HANA, BTP, Fiori, and all integrated systems within the RISE with SAP environment.• Own the SAP role design standard, including role catalog governance, authorization concept, segregation of duties (SoD) frameworks, mitigation controls, and access request workflows ensuring designs are clean core aligned and sustainable across the programme lifecycle.• Define and govern identity and access management integration standards, including SSO, MFA, and Azure AD/Entra ID federation, in partnership with Enterprise Security and SI architects ensuring secure, scalable identity patterns are established and enforced across the SAP landscape.• Lead SAP GRC platform operations covering Access Control (AEM, ARM, BRM, EAM), Firefighter and Emergency Access Management processes, periodic access reviews, SoD conflict analysis, and continuous controls monitoring maintaining audit-ready posture at all times.• Own SOX, PCI, GDPR, and internal and external audit readiness for the SAP landscape, including access control evidence management, risk logs, mitigation plans, and remediation tracking in close partnership with Internal Audit, External Audit, and Enterprise InfoSec.• Ensure security is embedded across the full release lifecycle covering transport reviews, role change impact assessments, interface security validations, and landscape change controls operating consistently across agile, hybrid, and waterfall delivery models.• Govern the security obligations and deliverables of the SI and vendor partners, ensuring secure solution design, adherence to established standards, quality of security-related work products, and timely risk escalation and remediation.• Partner with SAP Technology leadership and Solution Architects to define and maintain secure solution patterns, hardening standards, and security architecture aligned to the RISE with SAP shared responsibility model and Retail Spine future state architecture.• Establish and maintain KPIs and operational metrics for SAP Security and GRC functions including role change cycle time, access request SLA adherence, SoD remediation velocity, and audit finding closure rates and drive continuous improvement through automation and process optimization across IAM and GRC workflows.• Provide security leadership during go-lives, cutovers, system refreshes, environment provisioning, and major Retail Spine transformation waves ensuring security controls are validated, access is appropriately provisioned, and risk is formally accepted or mitigated prior to each milestone.• Coach and develop SAP security analysts and GRC specialists, building capability in cloud-native SAP security, BTP security patterns, identity management, and emerging technology risk fostering a strong security engineering culture aligned to the demands of a modern SAP transformation.
Basic Qualifications:• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field.• 10+ years of experience in SAP Security and SAP GRC Access Control.• 3-5+ years leading security or technical teams in large, complex SAP landscapes.• Strong hands on experience with SAP role design, SoD, Firefighter, GRC Access Control, and audit/compliance frameworks.• Working knowledge of SAP S/4HANA, HANA, Fiori, SAP BTP, and integrated security architecture.• Experience partnering with System Integrators and managing multi vendor delivery models.• Strong understanding of SOX, PCI, GDPR, and enterprise security standards.• Excellent communication, stakeholder engagement, and leadership skills.
Preferred Qualifications:• Master's degree in Cybersecurity, Technology Management, or related discipline.• SAP or security certifications (e.g., SAP Security, SAP GRC, CISM, CISSP, CISA).• Experience supporting large scale SAP transformations, including S/4HANA migrations or RISE with SAP models.• Knowledge of identity governance (IGA), privileged access management (PAM), and cloud security patterns.• Background in retail, consumer goods, or other high volume transaction environments.
At Ahold Delhaize USA, we provide services to one of the largest portfolios of grocery companies in the nation, and we're actively seeking top talent.
Our team shares a common motivation to drive change, take ownership and enable our brands to better care for their customers. We thrive on supporting great local grocery brands and their strategies.
Our associates are the heartbeat of our organization. We are committed to offering a welcoming work environment where all associates can succeed and thrive. Guided by our values of courage, care, teamwork, integrity (and even a little humor), we are dedicated to being a great place to work.
We believe in collaboration, curiosity, and continuous learning in all that we think, create and do. While building a culture where personal and professional growth are just as important as business growth, we invest in our people, empowering them to learn, grow and deliver at all levels of the business.
Ahold Delhaize USA Salisbury, North Carolina, USA Office
2110 Executive Dr, Salisbury, NC, United States, 28147
Similar Jobs at Ahold Delhaize USA
AdTech • eCommerce • Food • Marketing Tech • Retail
The Security Engineering Manager oversees security policies, manages incident responses, monitors threats, and coordinates investigations to protect the technology environment. They also handle reporting and assurance on security incidents and ensure operational stability.
Top Skills:
Cis ControlsIso/Iec 27001Mitre Att&CkNistSIEMSoc
AdTech • eCommerce • Food • Marketing Tech • Retail
Deliver and maintain HR reporting and BI solutions using Power BI, SQL, and Excel. Support stakeholders by developing reports, troubleshooting data quality, responding to ServiceNow tickets, performing UAT and regression testing, and documenting requirements. Partner with IT and HR to improve HR data pipelines, analytics frameworks, and the user experience across multiple retail brands.
Top Skills:
Azure Sql Data WarehouseDaxExcelHrisM QueryPower BIServicenowSQLSsmsSuccessfactorsT-Sql
AdTech • eCommerce • Food • Marketing Tech • Retail
The Platform Engineer will design, develop, and implement MuleSoft solutions, mentor junior engineers, and collaborate across teams to meet technical requirements.
Top Skills:
AksAzure CloudDatabricksDevOpsIaacKafkaMongoDBMulesoftOpenshiftPaasPysparkPythonRtfSaaS
What you need to know about the Charlotte Tech Scene
Ranked among the hottest tech cities in 2024 by CompTIA, Charlotte is quickly cementing its place as a major U.S. tech hub. Home to more than 90,000 tech workers, the city’s ecosystem is primed for continued growth, fueled by billions in annual funding from heavyweights like Microsoft and RevTech Labs, which has created thousands of fintech jobs and made the city a go-to for tech pros looking for their next big opportunity.
Key Facts About Charlotte Tech
- Number of Tech Workers: 90,859; 6.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lowe’s, Bank of America, TIAA, Microsoft, Honeywell
- Key Industries: Fintech, artificial intelligence, cybersecurity, cloud computing, e-commerce
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (CED)
- Notable Investors: Microsoft, Google, Falfurrias Management Partners, RevTech Labs Foundation
- Research Centers and Universities: University of North Carolina at Charlotte, Northeastern University, North Carolina Research Campus
