SAP Security / GRC - Roles, Authorizations, Compliance
Data-Core Systems Inc. · Middletown, PA · 1 mo ago
Information Technology$93k/yrFull-time
Roles & Responsibilities
- SAP Security Administration & Architecture.
- SAP S/4HANA.
- SAP BRIM.
- SAP FI-CA.
- SAP HCM/SuccessFactors.
- SAP BW/4HANA.
- SAP Datasphere.
- SAP Fiori and SAP BTP.
- Ensure secure and scalable access management aligned with enterprise policies and business requirements.
- Role Design & Authorization Management.
- Composite roles.
- Derived roles.
- Fiori catalogs and groups.
- Authorization objects.
- Support user provisioning, access requests, and role lifecycle management processes.
- Troubleshoot authorization issues and perform root cause analysis for access-related incidents.
- SAP GRC Administration & Compliance.
- Access Control.
- Access Risk Analysis (ARA).
- Emergency Access Management (EAM).
- Business Role Management (BRM).
- Access Request Management (ARM).
- Segregation of duties (SoD).
- Sensitive access controls.
- Audit readiness.
- Regulatory compliance.
- Develop and maintain SoD rulesets and mitigation controls.
- Audit & Regulatory Compliance Support.
- Audit reviews.
- Compliance assessments.
- Access certifications.
- Regulatory reporting.
- Ensure compliance with enterprise policies, cybersecurity standards, and regulatory frameworks.
- Support remediation activities related to audit findings and access risks.
- SAP Security Monitoring & Risk Management.
- Monitor SAP environments for security and authorization-related risks.
- Support security assessments, vulnerability management, and remediation initiatives.
- Participate in incident response and security investigations involving SAP systems.
- Assist with implementation of security best practices and operational controls.
- Integration & Cross-Functional Collaboration.
- SAP BASIS administrators.
- Infrastructure and cloud teams.
- Functional consultants.
- Cybersecurity teams.
- Identity and access management (IAM) teams.
- Support integrations between SAP security frameworks and enterprise IAM platforms.
- Assist with SSO, MFA, and identity federation implementations.
- SAP Fiori & Cloud Security Support.
- SAP Fiori applications.
- SAP Business Technology Platform (BTP).
- Cloud-based SAP applications.
- Hybrid SAP landscapes.
- Configure and maintain security for APIs, OData services, and cloud integrations.
- Testing & Validation.
- Security testing.
- Access validation.
- Role testing.
- SoD analysis and remediation testing.
- Validate role changes, authorization updates, and compliance controls.
- Support user acceptance testing (UAT) and production deployment validation.
- Documentation & Governance.
- Security design documents.
- Role matrices.
- Compliance documentation.
- Operational procedures.
- Audit evidence and remediation records.
- Support governance, change management, and release management activities.
- Ensure adherence to enterprise security and compliance standards.
- Training & Knowledge Transfer.
- Provide guidance and training related to SAP security and compliance processes.
- Support business users and technical teams with access management processes.
- Mentor junior security analysts and support personnel as needed.
Required Skills & Experience
- 3-7 years of SAP security and authorization experience.
- 3+ years of direct SAP GRC experience.
- Proven experience supporting enterprise SAP security and compliance initiatives.
- Strong understanding of SAP authorization concepts and governance frameworks.
- SAP role design and authorization management.
- SAP GRC Access Control.
- Segregation of duties (SoD) analysis.
- SAP Fiori and cloud security.
- Security audits and compliance processes.
- SAP authorization objects.
- Security architecture principles.
- IAM and SSO technologies.
- Audit and regulatory compliance requirements.
- SAP transport and change management processes.
- SAP S/4HANA.
- SAP BTP.
- SAP BRIM.
- SAP HCM/SuccessFactors.
- Identity federation and MFA solutions.
- Strong analytical and security troubleshooting abilities.
Preferred Experience
- Experience with: Azure Active Directory, Okta or enterprise IAM platforms, SAP Cloud Identity Services, SAP Solution Manager or SAP Cloud ALM, Cloud-native SAP environments.
- Experience in utilities, transportation, finance, manufacturing, public sector, or large enterprise environments.
- Experience supporting Agile and DevOps delivery methodologies.
- Prior consulting or contractor experience in enterprise SAP environments.