The SAP Security/GRC Lead Consultant is responsible for designing, implementing, and maintaining secure access across the SAP S/4HANA landscape. This role ensures compliance with internal controls, regulatory requirements (SOX, ITAR, DFARS, CMMC), and industry best practices. The consultant partners with functional, technical, and audit teams to safeguard SAP systems, manage risk, and support ongoing transformation initiatives.
Key Responsibilities
SAP Security
Design, build, and maintain SAP roles and authorizations across S/4HANA on Premise.
Manage user provisioning, role assignments, and access remediation.
Perform security impact analysis for new projects, transports, and functional changes.
Support security patching, vulnerability remediation, and audit readiness.
Monitor and troubleshoot authorization failures, SU53/SUIM analysis, and STAUTHTRACE.
Ensure compliance with ITAR, DFARS 252.204 7012, CMMC, and organizational security policies.
SAP GRC
Administer and enhance SAP GRC Access Control (ARA, ARM, BRM, EAM).
Maintain Segregation of Duties (SoD) rulesets and risk matrices.
Manage Emergency Access Management (Firefighter) setup, logs, and reviews.
Support Access Request workflows, role approval processes, and automated provisioning.
Conduct periodic access reviews, SoD remediation, and compliance reporting.
Partner with Internal Audit to support SOX controls, evidence collection, and audit walkthroughs.
Governance, Risk & Compliance
Develop and maintain security standards, procedures, and documentation.
Participate in risk assessments, control testing, and remediation planning.
Support change management processes to ensure secure transport and deployment practices.
Collaborate with cybersecurity teams on Zero Trust, MFA, VPN, and identity governance initiatives.
Required Qualifications
3 7+ years of experience in SAP Security and/or SAP GRC Access Control.
Strong understanding of SAP authorization concepts, role design, and security architecture.
Hands-on experience with GRC modules (ARA, ARM, BRM, EAM).
Familiarity with audit frameworks (SOX, NIST 800 171, CMMC).
Experience supporting SAP S/4HANA environments (on-premise).
Ability to analyze complex authorization issues and propose effective solutions.
Excellent communication skills and ability to work with cross-functional teams.
Preferred Qualifications
Experience in Aerospace & Defense or other regulated industries.
Knowledge of ITAR U.S. Person requirements and controlled data handling.
Understanding of Basis, ABAP, or Identity Governance concepts.
SAP certifications in Security, GRC, or related areas.
...We require at least 3 years of Tier II application support experience. We need hands-on experience supporting Microsoft Dynamics 365 CRM. We look for strong troubleshooting and analytical problem-solving abilities. We require excellent communication skills...
...with design, research and other development team members to further develop pipeline and workflows. Skills: ~ Proficiency with game engine development ~ Experience working with designers and research scientists ~ Full stack backend experience, including server...
.... Follows standard operating procedures and ensures laboratory safety, quality and regulatory requirements are met. Serves... ...other related duties as assigned. Qualifications Medical Laboratory Technician Associates degree in Laboratory Science required. Possess...
...Job Description Looking for caring, positive individuals to be part of the Environmental Services team at Dells Nursing and Rehab Center. Help make our residents days enjoyable by providing a clean environment and fresh clean linens and clothes every day. Full and parttime...
...Newton Village, a Cassia community, is hiring a Registered Nurse (RN) to join our team. Newton Village is an award-winning senior care community where your skills are valued and your dedication to excellent care makes an impact. If you're looking for a supportive...