Share this Job

Principal SAP Security Leader


Denver, PA, US

Company:  UGI Utilities, Inc
Remote Options: 

UGI Utilities, Inc. is a natural gas and electric utility company committed to delivering reliable, safe and affordable energy to our 700,000 customers in 45 counties in Pennsylvania and 1 county in Maryland. We pride ourselves on being a responsive, engaging energy company.  The foundation of our success lies in the strength of our 1,700 plus employees who strive to exceed the expectations of our customers and the communities we serve every day.


We offer comprehensive benefits, some of which are:

  • medical, prescription, dental, vision, life insurance
  • disability plans
  • 401(k) matched savings plan
  • paid vacation
  • company stock purchase program
  • wellness programs
  • tuition reimbursement
  • paid parental leave
  • paid volunteer time
  • adoption assistance
Job Summary

The Principal SAP Security Leader is responsible for the support and administration of all SAP Access activities and implementations.  This includes planning, coordination, and implementation of all changes in SAP access and privileges.  This position supports the enforcement of corporate, regulatory, and risk management policies and assists in developing, maintaining, and publishing corporate SAP security standards, procedures, and guidelines for enterprise computing platforms.  It provides support to departments on issues of SAP Security, including technical guidance and training, and designs and implements programs for user awareness, compliance monitoring, and security compliance.

Duties and Responsibilities
  • SAP GRC Administration: Manage role based access control privileges/permissions, including segregation of duties (SOD) considerations, associated mitigating controls, and rules.  Provide consulting for SOX Compliance Team to support their compliance efforts.  Support the security access admin team’s access request efforts.
  • Security Administration: Manage and participate in the following efforts –
    • Support a comprehensive audit trail of user and role based access control activities.
    • Work closely with functional teams to coordinate and complete enhancements to company's enterprise‐wide SAP implementations.
    • Perform maintenance of user access and role authorizations across the SAP solutions landscape.
  • Quarterly Access Recertification: Lead the quarterly Access Recertification efforts for SAP, including initiation, user support, and follow‐through on exceptions.
  • Support Audit Requests: Provide requested information and participate in meetings with internal and external auditors.
  • Other IT Compliance Projects as assigned.
Knowledge, Skills and Abilities
  • Advanced knowledge of SAP Security configuration in the following areas: S/4 HANA, ECC, CRM, BW/BOBJ, SM, GRC, Fiori, HANA Database, Netweaver.
  • Advanced knowledge of SAP GRC Administration, particularly Access Control, including Request Management, Access Risk Analysis, User Access Recertification, Business Role Management, Workflow Configuration, Emergency Access Management.
  • Experience translating user requirements into technical SAP security roles.
  • Ability to lead and manage a multi-functional team and processes.
  • Intermediate or advanced proficiency using Microsoft Office products, particularly Outlook, Excel and Visio.
  • Excellent verbal and written communication skills.
  • Working knowledge of the COBIT IT Governance & Management framework or other structured industry standard Methodology.
  • Working knowledge of the Sarbanes-Oxley Act and experience performing principal accountabilities in a SOX compliant environment.
Education and Experience

•    7 or more years of SAP Security and GRC Administration AND Bachelor’s degree in Computer Science, Business Administration or related field 
•    OR 12+ years of SAP Security and GRC Administration
•    ITIL Foundation Certificate (required to obtain within 1 year of employment)
•    8-10 years of SAP Security and GRC Administration AND Bachelor’s degree in Computer Science, Business Administration or related field 
•    OR 15+ years of SAP Security and GRC Administration

UGI Utilities, Inc. is an Equal Opportunity and Affirmative Action Employer.  As such, the Company abides by the requirements of the Executive Order 11246, 41 CFR 60-741.5(a), and 41 CFR 60-300.5(a).  The Company does not discriminate on the basis of race, color, sex, national origin, disability, age, gender identity, veteran status, or any other legally protected class in its practices.


Successful applicants shall be required to pass a pre-employment drug screen as a condition of employment, and if hired, shall be subject to substance abuse testing in accordance with UGI policies. As a federal contractor that engages in safety-sensitive work, UGI cannot permit employees in certain positions to use medical marijuana, even if prescribed by an authorized physician. Similarly, applicants for such positions who are actively using medical marijuana may be denied hire on that basis.