Analyst, SAP Security & GRC



Job Description

About Rivian

Rivian is on a mission to keep the world adventurous forever. This goes for the emissions-free Electric Adventure Vehicles we build, and the curious, courageous souls we seek to attract. 


As a company, we constantly challenge what’s possible, never simply accepting what has always been done. We reframe old problems, seek new solutions and operate comfortably in areas that are unknown. Our backgrounds are diverse, but our team shares a love of the outdoors and a desire to protect it for future generations. 

Role Summary

In this position, you will be working in the SAP Security team led by the Sr Manager, Basis & Security Administration. You will be working closely with the Functional and Technical teams of the SAP ERP ecosystem. This position is based out of our Belgrade office in Serbia.


  • Ensure compliance to key regulatory, security and organizational policies and procedures
  • Engage, collaborate, and communicate effectively with variety of stakeholders to deliver the business value
  • Define and establish right size processes to enable productive use of resources
  • Design and deliver high-quality, low-cost solutions to meet business needs
  • Accountable to maintain SAP users, authorizations, roles, GRC risks, SOD, mitigation and audit reviews for S/4 HANA and Fiori
  • This individual will work closely with functional, business and audit teams to gather security requirements, design and implement security solutions, in compliance with Security, regulatory, organizational and SOX controls
  • Guide the security team to successfully implement GRC and work on Segregation of Duties


  • At least 2 years’ experience in SAP Security and GRC
  • Hands-on experience in defining SAP Security approach, role design, authorization concepts and user provisioning
  • Basis knowledge of core SAP functional modules including ERP Security across SAP's different modules (SAP S/4, Fiori, EWM, R2R, PL2PR, PP, QM, and OTC)
  • Assist with security test planning, development, and execution to ensure the successful delivery of security solutions
  • SAP S4HANA Roles & Authorizations, functional and organizational security, design Fiori groups, Space, Pages and Catalogues, Services, and Apps
  • Collaborate with business and audit teams to manage security effort, design, test and implement security solutions
  • Manage on-going security role and authorization changes to meet business and security compliance requirements
  • Experience in implementing and managing core GRC modules ARA, ARM, EAM, BRM. Define Risks, conduct risk analysis and monitor for continuous improvements and compliance
  • Work with Business, Audit teams to conduct periodic SOX audit reviews and manage remediation effort
  • Support business, audit and IT teams to define mitigation controls and support on-going maintenance
  • Experience in SAP S/4 HANA and Fiori is preferred
  • Integration experience with Azure, Workday, SailPoint, SAP HEC, AWS is preferred
  • Bachelor’s degree in Computer Science or similar discipline is strongly desired

Equal Opportunity

Rivian is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender, gender expression, gender identity, genetic information or characteristics, physical or mental disability, marital/domestic partner status, age, military/veteran status, medical condition, or any other characteristic protected by law.


Rivian is committed to ensuring that our hiring process is accessible for persons with disabilities. If you have a disability or limitation, such as those covered by the Americans with Disabilities Act, that requires accommodations to assist you in the search and application process, please email us at

Candidate Data Privacy

Rivian may collect, use and disclose your personal information or personal data (within the meaning of the applicable data protection laws) when you apply for employment and/or participate in our recruitment processes (“Candidate Personal Data”). This data includes contact, demographic, communications, educational, professional, employment, social media/website, network/device, recruiting system usage/interaction, security and preference information. Rivian may use your Candidate Personal Data for the purposes of (i) tracking interactions with our recruiting system; (ii) carrying out, analyzing and improving our application and recruitment process, including assessing you and your application and conducting employment, background and reference checks; (iii) establishing an employment relationship or entering into an employment contract with you; (iv) complying with our legal, regulatory and corporate governance obligations; (v) recordkeeping; (vi) ensuring network and information security and preventing fraud; and (vii) as otherwise required or permitted by applicable law. 


Rivian may share your Candidate Personal Data with (i) internal personnel who have a need to know such information in order to perform their duties, including individuals on our People Team, Finance, Legal, and the team(s) with the position(s) for which you are applying; (ii) Rivian affiliates; and (iii) Rivian’s service providers, including providers of background checks, staffing services, and cloud services. 


Rivian may transfer or store internationally your Candidate Personal Data, including to or in the United States, Canada, the United Kingdom, and the European Union and in the cloud, and this data may be subject to the laws and accessible to the courts, law enforcement and national security authorities of such jurisdictions.  


Please note that we are currently not accepting applications from third party application services.

Subscribe to learn about our latest news, updates and adventures.