Responsibilities:
- Security Architecture and Design Execution: Lead the design and definition of the global SAP authorization concept and security architecture. Execute the hands-on implementation and build-out of security roles and profiles across all critical platforms, including S/4HANA, Fiori, HANA DB, and BTP, ensuring alignment with architectural standards.
- GRC Strategy and Technical Operations: Provide leadership and guidance on the administration, configuration, and optimization of the SAP GRC Access Control suite (10.x/12.x). Simultaneously, perform daily technical operations like managing access requests, refining the SoD ruleset, and troubleshooting GRC workflow configurations (e.g., MSMP, BRF+).
- Compliance Governance and Remediation: Govern the SAP security landscape to ensure strict adherence to internal policies and external regulations (SOX, GxP). Perform the technical analysis and hands-on remediation of identified security risks, working closely with auditors and business process owners to maintain an audit-ready environment.
- Advanced Technical Support and Mentorship: Serve as the top-tier subject matter expert (SME) for complex security incidents and failures. Provide L3 operational support through rotational shifts and on-call duties. Mentor and guide junior team members (if applicable) on best practices for SAP security implementation and troubleshooting.
- Documentation and Lifecycle Management: Own and drive the creation and management of comprehensive SAP security documentation, including design specifications and operational procedures. Execute periodic reviews and updates to security controls and processes as part of the system lifecycle management.
Requirements:
- Bachelor’s Degree or higher and 7+ years of hands-on experience in SAP Security, GRC Administration and cloud-based SAP Application Security.
- Minimum 5 years of experience in SAP GRC 10.x/12.x Access Control modules and minimum 3 years of S/4HANA Security and GRC implementation experience with a focus on role authorizations.
- Experience with development and implementation of the full suite of SAP GRC products, at least SAP GRC Access Control and SAP GRC Process Control, as well as experience in other SAP applications such as HANA, S/4HANA, Fiori, GRC Risk Management, Audit Management, etc.
- In-depth working knowledge of GRC components (Access Request Management, Access Risk Analysis, User Access Review and EAM) and SoD.
- Good knowledge of S/4HANA, Fiori, HANA and BTP security concepts.
- 3+ years’ hands-on experience creating HANA DB security roles and user setup for developers and modelers, database administrators and end users.
- Ready to work rotational shifts on weekdays and able to take on-call support during weekends/holidays.
Nice-to-have skills:
- SOX/GRC Control experience and GRC configuration, MSMP and BRF+.
- Life Science (GxP) experience is a plus.
- Experience developing and implementing SAP Security (Fiori, ECC and S/4HANA), and experience designing a SoD ruleset in SAP GRC Access Control.
- Experience with translating control framework requirements into an authorization concept.