SAP Security & Controls Workstream Lead
Location: Parsippany NJ.
Duration would be as soon as possible and for now the end date would be April 2027.
The client is seeking a senior resource with 15+ years of experience.
Some travel is required and expenses will be covered by the client.
Senior / 15+ years SAP security experience.
Candidate Submission Guidelines
Vendors are asked to submit candidates who clearly meet the required qualifications above. Please include the following with each submission:
· Full resume detailing relevant SAP security, GRC, and IAM project experience, including client names, roles, and dates.
· Summary of experience against the required and preferred qualifications listed in this requisition.
Position Summary
IBM Consulting is seeking an experienced SAP S/4HANA Security & GRC Consultant to lead the SAP Security & Controls workstream on the Industrial Account Project Skyline program, a complex manufacturing transformation. The consultant will bring deep expertise in SAP security, SAP GRC, identity and access management, and enterprise controls, combined with hands-on delivery leadership. This individual will work directly with PMO and business workstream leads, advise senior client stakeholders on security and controls decisions, and lead a blended onshore/offshore delivery team to build a secure, compliant, and audit-ready SAP landscape.
Key Responsibilities
Executive Advisory & Client Leadership
· Partner with PMO leadership and business workstream leads to align SAP security design, controls, and delivery plans with overall program priorities.
· Advise senior executives on SAP security architecture, enterprise controls, regulatory compliance, access risk, and cyber risk considerations.
· Deliver executive-ready recommendations, roadmaps, status updates, and risk assessments that translate technical access and control issues into actionable business decisions.
· Build and maintain senior client relationships that reinforce IBM''s position as a trusted partner for SAP security and controls transformation.
· Prepare high-impact PowerPoint materials for steering committees, leadership discussions, and risk reviews, while maintaining program tools including ADO, JIRA, and Smartsheet.
SAP Security & GRC Delivery
· Lead the SAP Security workstream across a complex, multi-tenant program, ensuring delivery aligns with project objectives, timelines, and governance expectations.
· Hands-on, design and lead end-to-end SAP Security and GRC solutions across on-premises, cloud, and hybrid landscapes.
· Hands-on direct SAP role design, Fiori authorization design, access governance, user provisioning/de-provisioning, privileged access management, and least-privilege access models.
· Hands On SAP GRC Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, Business Role Management, and user access reviews.
· Provide expertise in SAP Identity Access Governance (IAG) bridge authentication with SAP GRC, and guide Okta integration for SAP authentication and identity lifecycle management.
· Drive SoD risk analysis, remediation, mitigation control design, audit readiness, and sustainable access governance models, applying business process knowledge to align access design with manufacturing operations.
· Apply AI-enabled methods to develop practical solution options and recommendations within short timelines.
SAP Cloud, SaaS & Platform Security
· Lead SAP cloud and SaaS security across S/4HANA and related SAP cloud services.
· Define practical controls and governance for SAP cloud platforms, including ownership, risk treatment, and audit evidence requirements.
· Enable secure cloud adoption by aligning identity, authorization, provisioning, monitoring, and compliance requirements across SAP and connected applications.
Program Delivery & People Leadership
· Manage security delivery across a complex system environment spanning multiple stakeholder groups, workstreams, and integration points.
· Manage global delivery resources, including offshore teams, with clear accountability for workstream outcomes, quality, and timelines.
· Mentor team members and contribute to building a high-performing, audit-ready delivery capability.
Required Qualifications
· Bachelor''s degree in information systems, computer science, cybersecurity, business, engineering, or a related discipline.
· 15+ years of SAP security implementation experience, including at least five full SAP implementation lifecycles.
· 5+ years leading SAP Security workstreams in complex, multi-tenant project environments.
· 5+ years managing delivery resources, including offshore teams.
· Experience managing complex system landscapes spanning multiple applications, integrations, stakeholders, and governance requirements.
· S/4HANA experience in manufacturing environments, including 3+ years of industry experience.
· 3+ years of experience with SAP GRC Access Control.
· Experience with SAP IAG bridge authentication and SAP GRC integration.
· Experience integrating Okta for authentication and identity lifecycle management.
· Strong business process knowledge with the ability to present recommendations to senior executives.
· Advanced Microsoft Tools , SharePoint, JIRA, Azure DevOps skills, with the ability to produce executive-ready materials.
· Ability to apply AI-enabled methods to develop timely solution options and recommendations.
· Ability to travel weekly and work onsite in Northern New Jersey, Monday 11:00 AM ET through Thursday 3:00 PM ET.
Preferred Qualifications
· Hands-on delivery or leadership experience in three or more of the following: SAP IBP, SAP Ariba, SAP Analytics Cloud (SAC), SAP BTP Cockpit, SAP SLS, SAP Build Application Studio (BAS), and SAP Work Zone.
· Master''s degree or MBA.
· SAP certifications such as SAP Security, SAP GRC, SAP S/4HANA, SAP Cloud Security, or SAP BTP.
· Familiarity with modern identity and access governance platforms and controls automation.
· Experience in regulated or audit-intensive manufacturing environments.