Principal IT Technologist - SAP GRC Cloud S4 Security & Audit Compliance
USA-CO
Full Time Senior-level / Expert USD 174K+
Medtronic
Medtronic is a global market leader in healthcare technology and the related services and solutions. We work together with our partners to jointly ... the enormous challenges of healthcare...
At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You’ll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.
A Day in the Life
The person in this role may work remotely within the US or onsite at a US-based Medtronic facility.
We are seeking a highly skilled and experienced Principal IT Technologist for the GRC Administration team. In this role, you will be responsible for administering and enhancing Governance, Risk, and Compliance (GRC) processes, with specific focus on cloud-native applications and Security Access Governance (IAG). You will play a key role in ensuring the security and compliance of our SAP and cloud platforms, working closely with the Vendor Management Office (VMO) and supporting IT Audit CAPA (Corrective and Preventive Action) assessments.
The ideal candidate will have a strong technical background in GRC administration, Identity & Access Governance (IAG), and SAP S4, along with the ability to manage licensing provisions and ensure effective service delivery. Strong communication and presentation skills are essential, as you will interact with cross-functional teams, leadership, and external stakeholders.
We believe that when people from different cultures, genders, and points of view come together, innovation is the result, and everyone wins. Medtronic walks the walk, creating an inclusive culture where you can thrive. Our unwavering commitment to inclusion, diversity, and equity (ID&E) means zero barriers to opportunity within Medtronic and a culture where all employees belong, are respected, and feel valued for who they are and the life experiences they contribute. We know equity starts beyond our workplace, and we must play a role in addressing systemic inequities in our communications if we hope to have long-term sustainable impact.
Anchored in our Mission, we continue to drive ID&E forward both to enhance the well-being of Medtronic employees and to accelerate innovation that brings our lifesaving technologies to more people in more places around the world.
Bring your talents to an industry leader in medical technology and healthcare solutions – we’re a market leader and growing every day. You can be proud to be a part of technologies that are rooted in our long history of mission-driven innovation. You will be empowered to shape your own career. We encourage and support your growth with the training, mentorship, and guidance you need to own your future success. Together, we can transform healthcare. Join us for a career in IT that changes lives. Medtronic is committed to fostering a diverse and inclusive culture. Check out the accomplishments of our Women in IT group! http://bit.ly/MedtronicWomeninIT
CAREERS THAT CHANGE LIVES
GRC ADMINISTRATION AND SUPPORT
- Administer and manage GRC (Governance, Risk, and Compliance) platforms, ensuring they align with organizational policies and best practices.
- Configure and maintain IAG (Identity and Access Governance) systems to manage security and compliance for cloud-native applications and SAP platforms.
- Support ongoing service delivery of GRC solutions, ensuring smooth operation, troubleshooting, and user support.
SAP SECURITY AND LICENSING MANAGEMENT
- Collaborate with the Vendor Management Office (VMO) to ensure accurate and compliant SAP licensing provisions.
- Ensure SAP platform licenses are correctly monitored, tracked, and maintained.
- Administer user access, roles, and security policies within SAP S4 environments.
- Support license provisioning, audits, and compliance requirements for SAP applications.
IT AUDIT AND COMPLIANCE
- Collaborate with team members (as needed) on IT Audit CAPA assessments, ensuring compliance with regulatory and internal security requirements.
- Work with audit teams to identify gaps, propose solutions, and implement corrective and preventive actions for SAP and cloud security.
- Collaborate with the IT audit team to address audit findings and ensure timely completion of CAPA (Corrective and Preventive Actions).
CLOUD-NATIVE APPLICATION SECURITY
- Oversee the administration and implementation of security protocols for cloud-native applications, ensuring the protection of sensitive data.
- Integrate cloud security best practices into the GRC framework, ensuring consistency and compliance across platforms.
- Stay updated with industry trends, tools, and technologies relevant to cloud security and GRC.
STAKEHOLDER MANAGEMENT & CROSS-FUNCTIONAL COLLABORATION
- Collaborate with various teams, including VMO, IT Security, and Business units, to ensure effective communication and alignment on compliance and security objectives.
- Provide technical expertise and guidance to internal teams and stakeholders on GRC, security, and access governance best practices.
- Deliver presentations and technical training sessions on GRC solutions, security, and compliance.
TECHNICAL EXPERTISE
- Extensive experience in GRC administration and Identity & Access Governance (IAG), with strong technical knowledge of cloud security frameworks.
- Proficiency in administering and configuring SAP S4 systems, with a deep understanding of SAP security roles, access control, and licensing management.
- Hands-on experience with GRC tools (e.g., SAP GRC Access Control, SAP Identity Management, ServiceNow GRC).
- Knowledge of cloud-native application security practices and tools (AWS, Azure, GCP, etc.).
IT AUDIT AND COMPLIANCE
- Familiarity with IT Audit CAPA assessments and the ability to address audit findings effectively.
- Strong understanding of regulatory requirements related to IT security and compliance (e.g., SOX, GDPR, SOC 2, HIPAA).
- Ability to lead compliance assessments and ensure adherence to industry standards and best practices.
LICENSING AND VENDOR MANAGEMENT
- Expertise in managing SAP licensing and working closely with VMO (Vendor Management Office) to ensure compliance and cost optimization.
- Strong understanding of software asset management (SAM) principles.
SOFT SKILLS
- Strong presentation skills: Able to communicate technical concepts to non-technical stakeholders clearly and effectively.
- Problem-solving and analytical skills: Capable of diagnosing complex technical issues and proposing effective solutions.
- Collaboration and teamwork: Able to work effectively in cross-functional teams and manage stakeholder expectations.
- Detail-oriented with strong organizational skills, ensuring accuracy and completeness in all GRC-related tasks.
- Proactive communication: Keeps stakeholders informed on project progress, risks, and mitigation strategies.
MUST HAVE (Minimum Qualifications)
- High school diploma (or equivalent) and 12+ years of experience
OR
- Bachelor’s degree and 7+ years of experience or advanced degree and 5+ years of experience
NICE TO HAVE (Preferred Qualifications)
- Strongly Preferred:
- Previous Medtronic experience
- Degree in Information Technology, Computer Science, Cybersecurity, or related technical discipline
- SAP GRC, CISSP, CISM, CISA, and/or other relevant certifications
- 7+ years of experience in GRC administration, IAG, or related IT security roles focused on Cloud and/or SAP platforms
- Experience with SAP S/4HANA and integrating GRC tools with SAP systems.
- Experience with cloud-native security frameworks and tools (e.g., AWS Security, Azure Security, GCP Identity & Access).
- Familiarity with ServiceNow GRC modules for incident management, compliance tracking, and reporting.
Physical Job Requirements
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position.
The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role.
Benefits & Compensation
Medtronic offers a competitive Salary and flexible Benefits Package
A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.
Medtronic benefits and compensation plans
About Medtronic
We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.
Our Mission — to alleviate pain, restore health, and extend life — unites a global team of 90,000+ passionate people.
We are engineers at heart, putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.
Learn more about our business, mission, and our commitment to diversity here.
It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.
Tags: Application security Audits AWS Azure CISA CISM CISSP Cloud Compliance Computer Science GCP GDPR Governance HIPAA R&D SAP SOC SOC 2 SOX Vendor management
Perks/benefits: Competitive pay Equity / stock options Flex hours Health care