Apply now »

Specialist: SAP Authorisation

Division:  Strategy and Transformation
Reference No:  6804
Location: 

Centurion, Gauteng, ZA

Employment Type:  Permanent
Disability (EE targeted role):  No
T.A.S.K Grade:  15
Job Posting Salary:  R891,176.00
Job Posting End Date:  2 Jun 2026

The Road Accident Fund’s mission is to provide timely and equitable assistance to those affected by motor vehicle accidents through the provision of appropriate social benefits to ensure financial relief and recovery for qualifying individuals.

 

 

 

Purpose of the Job: Reporting to the Technical Product Owner: ERP Platforms, the successful incumbent is accountable to protect and maintain the Confidentiality, Integrity and Availability of all data processed on the RAF’s SAP systems.

 

Key Performance Areas

 

Incident Response and Remediation

  • Maintain the Confidentiality, Integrity and Availability of the RAF Information contained within SAP systems.
  • Ensure security incidents or requests are recorded in the RAF incident management system.
  • Conduct investigation, analysis and review following any security breach or incident.
  • Initiate the investigation of incident.
  • Compile reports around the breach or incident.
  • Implement corrective actions where approved.
  • Maintain detailed records of breach or incident using agreed procedures.

 

Role Based Access Control (RBAC) and Segregation of Duty (SoD) Risk Analysis

  • Engage with RAF business process owners (BPO) to ensure that access controls are designed in accordance with business requirements.
  • Ensure proper Segregation of Duty (SoD) and risk analysis are performed for all identity and access management controls.
  • Draft and maintain authorized records for all SAP Roles used within the RAF.
  • Ensure that data and system owners approve access.
  • Operate and administer logical access controls and directly associated security services relating to all platforms used in order to provide a continuous and secure access service to all Information facilities.
  • Apply Access control tools within the RAF according to the RAF policies, standards, processes and procedures.
  • Ensure adequate physical access control mechanisms are in place.
  • Facilitate the access controls between the RAF systems and external third parties.
  • Ensure IT security integration with SAP and other systems such as LDAP, AD and Identity Management.

 

Design, Develop and Implement SAP Security Controls

  • Ensure SAP security patching is applied regularly.
  • Ensure SAP module, Enterprise portal and web services are adequately protected.
  • Ensure that Governance Risk and Compliance is maintained throughout.
  • Prepare recommendations for appropriate security control improvements and introduction of new security controls.
  • Provide guidance and support to respective IT operational staff on systems security processes, policies and security controls.
  • Identify if there are any security violations while implementing the changes to the configurations.
  • Provide necessary corrective actions or solutions from security perspective.
  • Advise and handle all enquiries relating to IS security, contingency planning and activities of the function as and when required.

 

Draft and Maintain Documented Standards, Processes and Procedures

  • Draft and maintain all standards, processes and procedures for SAP Security.
  • Draft and maintain supporting documentation for SAP security.

 

Monitoring, Reviewing and Reporting on SAP Security

  • Continuous monitoring of SAP security and sensitive transactions.
  • Periodic review of all relevant logs in SAP systems.
  • Ensure that access requests by data subjects are reviewed in accordance with approved procedures.
  • Ensure reports are submitted on time, duly authorized and maintained for record keeping.

 

Auditable Record Keeping of all Access, Monitoring, Reporting and Remediation

  • Ensure all requests and changes are correctly authorized before implementation.
  • Document all monitoring and reviewing in the approved report template.

 

Audit Recommendation Analysis and Implementation

  • Assist in conducting IS risk assessments for SAP.
  • Participate in periodic IT security Audits by making security related documents available to the auditor.
  • Implement recommended changes as per audit.
  • Prepare security reports for management.
  • Maintain security incident reports.

 

Act as a Substitute in the Department to Cover Capacity

  • Ensure security incidents/requests are recorded in the RAF incident management system.
  • Respond and remediate incidents and requests within the statutory time periods.

 

Policy Review and Implementation

  • Contribute to developing and implementing departmental policy, standards and procedures, and processes.
  • Keep up to date with effective policy and practice execution strategies.

 

Reporting

  • Provide feed back the outcome of review meetings to the Senior Business Relationship Manager.
  • Provide visibility and reporting on progress with the roadmap, and escalating any issues encountered during delivery that may affect the annual planning.

 

Stakeholder Management

  • Proactive and progressive relationships with key stakeholders.
  • Deal with inquiries and requests for information from both internal and external stakeholders.
  • Conduct regular SLAs reviews with stakeholders as defined by the Senior Business Relationship Management.

 

Qualifications and Experience

  • Bachelor’s Degree/Advanced Diploma in Information Technology related qualification.
  • SAP certifications in Security/Authorizations are required:
  1. Certified Technology Professional - Security with SAP NetWeaver 7.0 (P_ADM_SEC_70).
  2. SAP Certified Application Associate (C_GRCAC_10) GRC.
  3. SAP BusinessObjects Access Control 10.0 (C_GRCAC_10).
  4. SAPHANA, ADM945 Authorization Concept for SAP Fiori on S/4HANA.
  5. SAP S/4HANA Security Concepts.
  • Attendance in AWS practitioner will be an added advantage
  • ITIL Foundation will be an added advantage.
  • Relevant 5 - 7 years’ experience in SAP Security environment.

 

Technical and Behavioral Competencies Required

  • Resilience.
  • Network and alliance.
  • Employee engagement.
  • Ethics and values.
  • Change management.
  • Critical and innovative thinking
  • Policy conceptualisation and formulation.
  • Risk Management.
  • Stakeholder development and relations.
  • Reporting.
  • SAP Solution knowledge and experience.
  • SAP security configuration and administration skills.
  • SAP risk analysis (Authorisation and SoD).
  • SAP Infrastructure security.
  • Sound Networking knowledge (TCP/IP etc).
  • Solid Information Security knowledge and experience (Standards, Procedure, Process and Best Practice eg: ISO 27001, CoBIT, ISF SOGP, ITIL.
  • Planning Skills.
  • Reporting Skills.
  • Risk Assessment Skills.
  • Analytical Thinking.
  • Communication (Verbal and Written).
  • Conformity and integrity.

 

 

NB: “RAF offers Total Employment Cost packages with no additional contributions from the Employer, successful candidates are required to structure their packages in a manner that will suit their needs”.

 

 

 

 

The Road Accident Fund subscribes to the principles of employment equity and preference will be given to People with Disabilities.

Applicants who have not received any correspondence from us within six weeks from the closing date can consider themselves unsuccessful.

Security Vetting shall be conducted on all prospective employees.

It is the applicants’ responsibility to have foreign qualification evaluated by the South African Qualification Authority (SAQA) and to provide proof of such evaluation.

 

Apply now »