Security and Compliance Consultant

Job Description:

Responsible for administering and evolving SAP Security and GRC solutions, including access control, role design, user provisioning, segregation of duties, and compliance across SAP S/4HANA and Fiori environments. Partners with business, functional, and technical teams to deliver least-privilege role designs, maintain security standards and policies, integrate GRC with enterprise security tools, and ensure regulatory and privacy compliance while resolving critical security issues.

Location: within Continental US (Fully remote with occasional trips to San Diego area.

Responsibilities:

• Responsible for maintaining business blueprint and design documents that support Security and GRC activities.
• Administer SAP GRC Access Control suite of programs, including user provisioning, segregation of duty management, emergency access, role management and reporting.
• Design, implement, and govern business roles aligned to job functions and business processes, including role lifecycle management, ownership, and periodic review.
• Partner with business and functional stakeholders to translate job responsibilities into compliant, least-privilege SAP role designs.
• Administer GRC User Access Management Process to monitor key business processes.
• Responsible for leading SAP GRC maintenance, user role/account management maturity and evolution.
• Develop InfoSec capabilities while developing and maintaining security standards, policies, procedures and processes while ensuring that company systems are fully compliant with all applicable regulatory requirements and privacy laws.
• Maintain SAP S/4HANA & FIORI Security based solutions.
• Coordinating with various teams for administration of Security and GRC tasks.
• Assist functional and technical team with solving critical issues, as it relates to Security or GRC.
• Assist team in administering heterogenous security tool landscape.
• Integrate SAP security and GRC systems with other security tools and platforms to orchestrate end-to-end security processes and improve interoperability.

Key Qualifications

• 2-5 Years SAP Security and GRC experience.
• Good understanding of the SAP authorization concept and the role-based access control model.
• Ability to set up roles and administer them to users (including derived and composite roles).
• Hands-on experience with Business Role Management in SAP, including job-based role modeling and role lifecycle governance.
• Experience in SAP GRC Access Controls Suite / Process Controls Suite.
• Experience with SAP GRC 12 – including reporting capabilities and S4 HANA.
• SOX Compliance experience, is a plus
• Strong skills in SAP Security Design Configuration and Administration.
• Experience with automation technologies such as scripting languages, APIs, and workflow automation tools.