Senior Consultant - SAP GRC & Security

Role Overview :

We are seeking an accomplished Senior Consultant SAP GRC & Security with deep expertise in governance, risk, and compliance frameworks across complex SAP landscapes.

The ideal professional will lead end-to-end delivery of SAP GRC Access Control, Process Control, and Security solutions, ensuring robust governance, risk mitigation, and compliance in line with global standards.

This position demands a strong blend of technical proficiency, business process understanding, and regulatory insight, enabling enterprises to operate securely and efficiently in both on-premise and cloud-based SAP environments (ECC and S/4HANA).

Key Responsibilities :

- Lead implementation, enhancement, and support of SAP GRC Access Control, Process Control, and Risk Management modules.

- Design and maintain SAP security architecture, including role design, authorization strategy, and segregation of duties (SoD) compliance.

- Manage user access lifecycle across multiple SAP systems ensuring adherence to security policies and audit requirements.

- Drive risk and control assessment, ensuring compliance with SOX, GDPR, and other global regulatory frameworks.

- Perform security design reviews, impact assessments, and remediation planning for system changes, upgrades, and rollouts.

- Integrate GRC with other enterprise systems and identity management tools to enable automated governance.

- Lead S/4HANA Security projects, including migration from ECC, Fiori security design, and embedded analytics authorization.

- Collaborate with audit, compliance, and IT control teams to manage access risk and ensure continuous monitoring.

- Deliver periodic security audits, SoD analysis, and risk remediation reports to stakeholders and senior leadership.

- Mentor junior consultants and ensure adherence to best practices, documentation, and governance standards.

- Stay current with emerging SAP security trends, tools, and threat management practices.

Required Skills and Experience :

- 9 to 12 years of relevant experience in SAP Security and GRC implementation/support across ECC and S/4HANA systems.

- Strong understanding of SAP authorization concepts, composite roles, derived roles, and structural authorizations.

- Expertise in SAP GRC Access Control (AC 12.x) including ARA, BRM, ARM, and EAM.

- Experience in Process Control (PC) and Risk Management (RM) modules preferred.

- Proven ability to design and implement Fiori and S/4HANA security models.

- Strong knowledge of audit and compliance standards including SOX, GDPR, and ITGC.

- Hands-on experience in security migration, SoD resolution, and remediation strategies.

- Experience integrating SAP GRC with IDM, Active Directory, and non-SAP systems.

- Proficiency in using tools such as SAP Access Analyzer, GRC Risk Analysis, and Firefighter ID management.

- Excellent analytical, problem-solving, and documentation skills.

- Strong stakeholder management with the ability to communicate security risks in business terms.

Preferred Qualifications :

- SAP Certified Application Associate SAP Access Control or SAP Security.

- Experience with SAP Cloud Identity Services, BTP Security, or hybrid environment security.

- Exposure to automation frameworks for GRC processes using scripts or workflow tools.

- Experience working in regulated industries such as Banking, Pharma, or Energy.

- Familiarity with Agile/DevSecOps methodologies.

Why Join :

- Lead mission-critical SAP GRC and Security programs for global enterprise clients.

- Collaborate with elite SAP professionals in a high-performance, innovation-driven environment.

- Gain exposure to S/4HANA, Cloud, and BTP Security frameworks, driving next-generation compliance initiatives.

- Competitive compensation, performance-linked rewards, and leadership visibility.

- Career growth through continuous learning, certification, and global project exposure.

- Work culture built on excellence, integrity, and innovation in enterprise security management.