Note: The job is a remote job and is open to candidates in USA. Global Business Ser. 4u is seeking an SAP Security/GRC Lead Consultant responsible for designing, implementing, and maintaining secure access across the SAP S/4HANA landscape. This role focuses on ensuring compliance with internal controls and regulatory requirements while partnering with various teams to safeguard SAP systems and manage risk.
Responsibilities
- Design, build, and maintain SAP roles and authorizations across S/4HANA on Premise
- Manage user provisioning, role assignments, and access remediation
- Perform security impact analysis for new projects, transports, and functional changes
- Support security patching, vulnerability remediation, and audit readiness
- Monitor and troubleshoot authorization failures, SU53/SUIM analysis, and STAUTHTRACE
- Ensure compliance with ITAR, DFARS 252.204 7012, CMMC, and organizational security policies
- Administer and enhance SAP GRC Access Control (ARA, ARM, BRM, EAM)
- Maintain Segregation of Duties (SoD) rulesets and risk matrices
- Manage Emergency Access Management (Firefighter) setup, logs, and reviews
- Support Access Request workflows, role approval processes, and automated provisioning
- Conduct periodic access reviews, SoD remediation, and compliance reporting
- Partner with Internal Audit to support SOX controls, evidence collection, and audit walkthroughs
- Develop and maintain security standards, procedures, and documentation
- Participate in risk assessments, control testing, and remediation planning
- Support change management processes to ensure secure transport and deployment practices
- Collaborate with cybersecurity teams on Zero Trust, MFA, VPN, and identity governance initiatives
Skills
- 3 7+ years of experience in SAP Security and/or SAP GRC Access Control
- Strong understanding of SAP authorization concepts, role design, and security architecture
- Hands-on experience with GRC modules (ARA, ARM, BRM, EAM)
- Familiarity with audit frameworks (SOX, NIST 800 171, CMMC)
- Experience supporting SAP S/4HANA environments (on-premise)
- Ability to analyze complex authorization issues and propose effective solutions
- Excellent communication skills and ability to work with cross-functional teams
- Experience in Aerospace & Defense or other regulated industries
- Knowledge of ITAR U.S. Person requirements and controlled data handling
- Understanding of Basis, ABAP, or Identity Governance concepts
- SAP certifications in Security, GRC, or related areas
Company Overview