Job Purpose :

We are seeking a proactive and detail-oriented SAP GRC Consultant to join our growing team. In this role, you will be responsible for implementing, configuring, and supporting SAP GRC (Governance, Risk, and Compliance) solutions, primarily focusing on Access Control (AC) and Process Control (PC). You will play a crucial part in helping our clients manage their access risks, automate compliance processes, and ensure adherence to internal policies and regulatory requirements.

Key Responsibilities :

SAP GRC Implementation & Configuration :

- Participate in the end-to-end implementation lifecycle of SAP GRC Access Control (AC) and Process Control (PC) modules.

- Configure GRC functionalities including Access Risk Analysis (ARA), Access Request Management (ARM), Emergency Access Management (EAM - Firefighter), Business Role Management (BRM).

- Assist in setting up GRC workflow configurations and approval processes.

- Support the configuration of Process Control for control monitoring and compliance.

Access Risk Analysis & Remediation :

- Perform Segregation of Duties (SoD) analysis and risk remediation activities using GRC Access Risk Analysis (ARA).

- Work with business users to understand SoD conflicts and propose mitigation controls.

- Assist in maintaining the GRC rule set and updating it based on business requirements.

User Access Management :

- Support the automation of user provisioning and de-provisioning processes through GRC Access Request Management (ARM).

- Manage and monitor Emergency Access Management (EAM / Firefighter) sessions.

Compliance & Audit Support :

- Assist in gathering audit evidence and generating compliance reports from the GRC system.

- Support internal and external audit requirements related to access management and controls.

- Ensure GRC configurations align with organizational security policies and regulatory mandates.

Documentation & Training :

- Create and maintain detailed documentation for GRC configurations, processes, and user manuals.

- Provide training and support to end-users on GRC functionalities.

Troubleshooting & Support :

- Provide ongoing support for SAP GRC modules, troubleshooting issues, and resolving user queries.

- Collaborate with SAP basis and security teams to ensure smooth GRC system operation.

Required Skills & Qualifications :

Experience : 3 - 5 years of dedicated experience in SAP GRC, with a strong focus on SAP GRC Access Control (AC). Exposure to Process Control (PC) is a plus.

SAP GRC AC Expertise : Hands-on experience with GRC AC components : ARA, ARM, EAM, BRM.

SAP Security Fundamentals : Good understanding of SAP ECC/S/4HANA authorization concepts (roles, profiles, authorization objects, transactions).

Database & OS (Basic) : Basic understanding of underlying database (e.g., HANA, Oracle) and operating system (e.g., Linux, Windows) concepts relevant to SAP systems.

Problem-Solving : Strong analytical and problem-solving skills with a meticulous attention to detail.

Communication : Excellent verbal and written communication skills, with the ability to articulate technical concepts clearly to diverse audiences.

Education : Bachelor's degree in Computer Science, Information Technology, or a related field.

Certifications (Nice to Have) : SAP Certified Application Associate SAP GRC Access Control, or other relevant security certifications.

Nice to Have :

- Experience with other GRC modules like Risk Management (RM) or Audit Management (AM).

- Knowledge of SAP Fiori security and S/4HANA embedded analytics security.

- Familiarity with other security frameworks like NIST, ISO 27001.

- Exposure to cloud security concepts (AWS/Azure/GCP).

Soft Skills :

- Client-focused approach with strong interpersonal skills.

- Ability to work independently and collaboratively in a team environment.

- Proactive, self-motivated, and eager to learn new technologies.

- Excellent organizational and time management skills