Description :

We are seeking an experienced SAP GRC & Security Consultant with deep expertise across SAP ECC and SAP S/4HANA environments.

The ideal candidate will be responsible for designing, configuring, and supporting end-to-end SAP Security and GRC solutions across S/4HANA Public Cloud and Private Cloud landscapes.

This role requires strong functional and technical knowledge of SAP authorization concepts, compliance frameworks, risk management, and security best practices, with the ability to collaborate closely with business, audit, and IT stakeholders.

Key Responsibilities :

SAP Security Design & Implementation :

- Design, configure, and support SAP Security for SAP ECC and SAP S/4HANA (Public & Private Cloud).

- Build and maintain role-based authorization concepts using best practices (PFCG, Fiori catalogs/groups).

- Design and implement security roles for SAP modules such as FI, CO, MM, SD, PP, HCM, EWM, TM, and SuccessFactors (as applicable).

- Configure and manage Fiori security, catalogs, spaces, pages, and OData authorizations.

- Support system upgrades, migrations, and ECC to S/4HANA conversions from a security and GRC perspective.

SAP GRC Access Control :

- Implement and support SAP GRC Access Control (AC) including :

1. Access Risk Analysis (ARA)

2. Emergency Access Management (EAM / Firefighter)

3. Access Request Management (ARM)

4. Business Role Management (BRM)

- Configure SoD rule sets, mitigation controls, and risk remediation strategies.

- Perform regular SoD analysis and support internal and external audits.

- Ensure compliance with regulatory and audit requirements (SOX, GDPR, internal IT controls).

User & Authorization Management :

- Manage user provisioning, role assignments, and periodic user access reviews.

- Handle privileged access management, firefighter IDs, and emergency access logs.

- Support user lifecycle processes including onboarding, changes, and offboarding.

- Troubleshoot and resolve authorization issues using SU53, STAUTHTRACE, and audit logs.

Cloud Security & Integration :

- Support SAP Security for S/4HANA Public Cloud, including :

1. SAP Identity Authentication Service (IAS)

2. SAP Identity Provisioning Service (IPS)

3. Integration with Azure AD / Active Directory

- Configure Single Sign-On (SSO) and identity federation.

- Secure integrations with SAP BTP, third-party applications, and interfaces.

Audit, Compliance & Risk Management :

- Act as a key liaison with auditors for SAP security and GRC-related audits.

- Prepare audit documentation, evidence, and compliance reports.

- Support periodic access recertifications and control testing.

- Identify security gaps and proactively recommend improvements.

Support & Continuous Improvement :

- Provide L2/L3 support for SAP Security and GRC-related incidents and enhancements.

- Participate in global rollouts, template design, and continuous improvement initiatives.

- Develop and maintain security documentation, SOPs, and role design guidelines.

- Train junior consultants and business users on SAP security best practices