At Graphic Packaging International, we produce the paper cup that held your coffee this morning, the basket that transported those bottles of craft beer you enjoyed last weekend, and the microwave tray that heated your gourmet meal last night. We're one of the largest manufacturers of paperboard and paper-based packaging for some of the world's most recognized brands of food, beverage, foodservice, household, personal care and pet products. Headquartered in Atlanta, Georgia, we are collaborative, diverse, innovative individuals who create inspired packaging while giving back to our communities. With over 25,000 employees working in more than 130 locations worldwide, we strive to be environmentally responsible in our industry and in the communities where we operate. We are committed to workplace diversity and offer compensation and benefits programs that are among the industry's best to reward the talented people who make our company successful. If this sounds like something you would like to be a part of, we'd love to hear from you. A World of Difference. Made Possible. We are seeking an IT compliance business analyst to enhance our IT compliance team within the region. The candidate holding this role can either be situated in Spain or in Poland. Responsibilities: Scope and Collect SAP Roles: Gather SAP roles and responsibilities from business stakeholders. Conflict Analysis: Perform conflict analysis in SAP configurations using the SAP GRC tool. Subject Matter Expert: Act as the subject matter expert on SAP GRC Access Control with hands-on capabilities. GRC Access Control Configuration: Configure and maintain the GRC Access Control application. Governance Controls: Collaborate with HQ Compliance, EMEA Compliance, and financial controllers to ensure the execution of governance controls related to Segregation of Duties and User Access Reviews for SAP instances in Europe. Emergency Access Control: Document and manage Emergency Access Control and User Access Provisioning processes for SAP systems. Documentation: Provide documentation for SAP security and GRC processes. Audit Communication: As part of the EMEA Compliance & Risk Task Force, facilitate communication between internal and external auditors and the security team to provide information and ensure audit compliance. Audit Inquiries: Investigate and resolve audit-related inquiries and promptly address remediation of any findings pertaining to SAP security. Break-Fix Resolution: Resolve break-fix items related to authorizations and access in SAP systems. Third-Level Support: Provide third-level support for SAP Security and GRC processes. Audit Documentation: Document roles, objects, and user access for auditing purposes. Change Management: Participate in change management calls to address queries pertaining to SAP changes. General Knowledge & Skills: Fluent in English. Excellent written and verbal communication skills. Strong analytical skills. Experience in business analytics, IT audit, or IT compliance is a plus. Ability to handle highly confidential information professionally. Ability to work well under pressure. Ability to cooperate with the IT team, financial controllers, and internal audit. Proven ability to self-manage and work with minimal supervision. Understanding of IT governance, IT governance controls, and IT audit terms. Technical Knowledge & Skills: Basic understanding or experience with the SAP environment (basic or medium SAP Implementation and Administration knowledge desirable). Preferred experience with SAP authorizations in ECC, APO, BI/BW, CRM, SCEM, and Central Finance. Preferred experience with SAP authorizations in SAP HANA, SAP Fiori, SAP Data Services, and SAP Business Objects. Preferred experience with SAP authorizations in HCM (Payroll, Time, OM/PA, and Employee Central) with an understanding of SAP HR processes. Experience with SAP GRC 10.x or higher is a plus. General knowledge of business processes within Finance, Financial Close, Sales, MM/IM, Order-To-Cash, and Purchase-To-Pay is a plus. Understanding of SAP authorization concepts, including SU24 and SU25 maintenance, is a plus. Education & Professional Credentials: High education degree in a relevant discipline (Computer Information Systems, Information System Technologies, Management Information Systems, Computer Science, or equivalent experience). Relevant certifications such as CISA, CISSP, etc., would be a plus. Proven experience with business analytics, consulting, or IT compliance is a plus.