SAP GRC Security Lead Analyst – Remote
Expert Technical Solutions has an immediate opening for an SAP GRC Security Lead Analyst with one of our premier clients in the utilities and energy industry. This is a contract position with excellent benefits offered and a strong likelihood of conversion to permanent.
The role is Remote.
You will be reporting to the Senior Director of SAP Enterprise Applications. You will be involved in every stage of the application lifecycle, from design to deployment, and will be responsible for delivering comprehensive SAP security capabilities and solutions within the SAP landscape.
You will serve as a lead with a strong background in SAP application security design, particularly in S/4HANA, S/4HANA Private Cloud, and RISE, in conjunction with SAP GRC, SAP BTP, and other non-SAP tools.
Job Responsibilities:
- Lead and collaborate with a team of AMS SAP Security and GRC Analysts to build and implement robust security measures
- Responsible for designing, implementing, and supporting SAP Governance, Risk, and Compliance (GRC) solutions (specifically Access Control, Process Control, and Risk Management)
- Utilize available tools and applications to provide comprehensive SAP security capabilities, adhering to SAP best practices and industry standards
- Lead design and implementation of security capabilities (roles, profiles, authorization objects, etc.) as part of project teams, ensuring alignment with organizational goals
- Develop, maintain, and enhance a secure SAP environment, with a focus on continuous improvement and risk mitigation
- Oversee security aspects of system builds, upgrades, patching, client copies, and refreshes, validating compliance with security protocols
- Perform, monitor, and report on GRC compliance and audit trails, ensuring adherence to regulatory requirements
- Ensure best practices are followed when configuring Firefighter IDs (EAM), User Access Review (UAR) workflows, and user provisioning
- Perform regular system checks to identify potential security gaps and develop prevention action plans
- Support internal and external audits (SOX, GDPR, and organizational policies), guaranteeing systems adhere to regulatory standards and corporate security policies
- Respond to cyber attacks or breaches after a security incident by following the incident response plan and organizational procedures
- Perform any other related duties as required or assigned.
Requirements:
- 10 years of experience in SAP Security and GRC implementation and support
- SAP Certified Technology Associate: S/4HANA System Administration.
- SAP Certified Application Associate: SAP GRC Access Control.
- Strong expertise in SAP GRC modules: Access Control, Process Control, Risk Management
- Solid understanding of SAP Security concepts across ECC, S/4HANA, and Fiori
- Knowledge of ERP control frameworks and regulatory requirements and standards such as SOX, GDPR, HIPAA, and ISO 27001
- Proficiency in SAP application security methodologies, role-based user authorization, access controls, and Segregation of Duties (SoD) concepts.
- Hands-on experience performing SoD analysis, role creation, and authorization design
- Hands-on experience configuring GRC modules (Access Control, Process Control, Risk Management)
- Experience in SAP landscape security strategy, architecture, and supporting project implementations with SAP GRC, SAP BTP, and other security tools
- Proficiency in SAP Vulnerability Assessment
- Strong organizational skills to manage multiple priorities, deliverables, and project milestones
- Excellent analytical, problem-solving, and communication skills
- Experience as an SAP Security leader for IT projects with the ability to serve as a liaison between business units, technical teams, and external system integrators
- Knowledge of applicable data privacy practices and laws.
- Proficient in Microsoft Office, Teams, Outlook, and ITSM systems (ServiceNow, Jira, Remedy, etc.)