SAP Security

The ERP Security Senior Analyst will serve as a hands-on guide and technical expert, responsible for defining and
implementing robust security controls in our HR and Finance platforms. This position will play a critical role in ensuring the secure operation and governance of our SAP landscape, with particular focus on role design, access controls, and regulatory compliance. The ideal candidate will have hands-on experience with ECC and S/4HANA
systems, SAP GRC, and integration with modern IAM platforms.

Core Responsibilities
Design, implement, and maintain SAP security roles and authorizations (PFCG, SU24, SU01).
Analyze and manage segregation of duties (SoD) risks using SAP GRC Access Control.
Secure custom transactions, RFCs, BAPIs, and ABAP developments.
Collaborate with business process owners to ensure roles align with least privilege principles.
Monitor SAP security logs (SM20, STAD) and perform forensic investigations as needed.
Support Fiori and SAP S/4HANA application security, including OData and catalog roles.
Integrate SAP systems with identity providers like EntraID, Okta, or Ping for SSO.
Drive improvements in SAP security posture through continuous monitoring and proactive remediation.
Evaluate, enhance, and document security configurations, procedures, and standards.
Stay informed of SAP security trends, vulnerabilities, and best practices.

Required Qualifications
Education
Bachelors degree in computer science, Information Security, and/or a related field or an equivalent
level of work-related experience

Experience
7+ years of SAP security experience, including ECC and/or S/4HANA.
Hands-on experience with SAP GRC Access Control modules.
Strong understanding of RBAC, SoD principles, and SAP authorization concepts.
Familiarity with SAP Fiori security and cloud security models.
Experience with integration into identity management platforms (e.g., EntraID, Okta, CyberArk).
Ability to interpret audit and compliance requirements into SAP controls.
Excellent communication and collaboration skills.
Deep hands-on knowledge of Microsoft Purview, MIP, and DLP
Familiarity with secure AI data handling, e.g., TDE, DP, FHE, vector store hardening
Experience with classification, taxonomy design, and data lineage tracking
Understanding of data lifecycle, retention, archiving, and deduplication at enterprise scale

Licensure / Other Qualifications
Preferred Qualifications
Previous experience with utilities or highly regulated industries
Experience with conversions from legacy HR and Finance systems to SAP
Experience with upgrades to existing versions of SAP
Good communications skills with HR and Finance professionals as well as cybersecurity professionals
Ability to translate business and compliance concerns into actionable protections within SAP