SAP GRC Security Lead - S/4HANA

Description :

Job Title : GRC Security Lead (SAP S/4HANA Greenfield Implementation)

Experience : 8 - 10 Years

Location : Bangalore

Work mood : Hybrid

Role Overview :

The GRC Security Lead is responsible for designing, implementing, and managing SAP Governance, Risk & Compliance (GRC) solutions and enterprise-wide SAP security architecture for a global S/4HANA Greenfield implementation. This role ensures regulatory compliance, enforces robust security policies, and mitigates risks across the SAP ecosystem.

Key Responsibilities

Security Strategy & Architecture :

- Define and implement the SAP security strategy aligned with corporate policies and compliance requirements.

- Design a comprehensive role-based access control (RBAC) and segregation of duties (SoD) framework for S/4HANA and integrated systems.

- Develop end-to-end security architecture across SAP Fiori, HANA Database, and cloud-based components.

SAP GRC Implementation :

- Configure and deploy SAP GRC Access Control modules, including ARA, ARM, BRM, and EAM.

- Establish workflows for user provisioning, role governance, and firefighter/emergency access.

- Implement and maintain SoD rulesets and risk analysis processes supporting key business functions.

Compliance & Risk Management :

- Ensure compliance with SOX, GDPR, and relevant international regulatory frameworks.

- Conduct security and compliance risk assessments and recommend mitigation strategies.

- Monitor, report, and remediate audit findings related to security and GRC processes.

- Project Leadership

- Collaborate with functional, technical, and business teams to embed security requirements into project deliverables.

- Lead workshops on SAP security design, GRC processes, and best practices.

- Drive consistent security standards in a Greenfield implementation environment.

- Operational Support

- Develop and maintain security policies, processes, and documentation.

- Train business and IT stakeholders on GRC tools, security protocols, and access management procedures.

- Provide postgo-live support, including security monitoring, optimization, and continuous improvement.

Required Skills & Experience

Technical Expertise

- Strong hands-on knowledge of SAP GRC Access Control and core SAP Security concepts.

- Experience with S/4HANA security design, including Fiori authorization and HANA DB security.

- Familiarity with SAP Cloud security architecture and integration scenarios.

Project Experience

- Minimum 8+ years in SAP Security and GRC roles.

- At least 2 full-cycle implementations; S/4HANA Greenfield project experience preferred.

Compliance Knowledge

- Solid understanding of SOX, GDPR, and related compliance frameworks.

- Experience designing and implementing SoD controls and governance procedures.

Soft Skills

- Excellent communication and stakeholder management capabilities.

- Ability to lead workshops, influence global teams, and drive consensus.

Preferred Certifications

- SAP Certified Technology Associate SAP System Security and Authorization

- SAP Certified Application Associate GRC Access Control

- IT security certifications such as CISSP or CISM (a strong plus)