Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us.

Responsibilties:

• Sound knowledge of SAP GRC Access Control.
• Collaborate with senior leadership to develop formal processes for SOD Monitoring, SOD Remediation, and SAP Ruleset Maintenance.
• Support Governance, Risk and Compliance (GRC) projects in partnership with IT and business units.
• Understand core business processes such as P2P, O2C, R2R, and Production Cycle, and identify SoD access risks across these processes.
• Review the operation of various SAP modules, evaluate internal controls, identify irregularities, and recommend improvements.
• Assist Business Compliance Management in preparing reports that clearly present compliance review results and recommend corrective actions.
• Manage SOD-related SOX narratives and Risk Control Matrices (RCMs).
• Coordinate responses and documentation for internal and external audit queries
• Assess new SAP systems/modules entering GRC scope, including T‑codes, roles, authorization objects, and security design.
• Validate adequacy of access controls and provide risk recommendations.
• Periodically review and update the SAP GRC SoD & Sensitive Access ruleset based on system and process changes.
• Conduct risk assessments for non‑SAP applications and identify integration points with SAP GRC.
• Attend Architecture Design Review (ADR) meetings and conduct financial and operational risk assessments for IT system changes that impact internal controls
• Support alignment of non‑SAP risks within the broader SAP GRC framework.
• Experience in S/4 HANA implementation for SAP GRC

• 5-8 years of experience in SAP security - GRC 12.0
• Hands-on experience with SAP ECC or S/4
• Experience in Segregation of Duties (SoD) analysis and ERP access controls testing.
• Strong expertise in SOX audit/compliance and implementation of effective controls.
• Bachelor’s degree (UG) in Finance or IT security