SAP Security Analyst/Engineer

Overview

Remote
Depends on Experience
Full Time

Skills

SAP Security

Job Details

We are hiring for SAP Security Analyst/Engineer to support our client

Company Name: - JTSi (Johnson Technology Systems, Inc.)
Title: SAP Security Analyst/Engineer
Position Location: Remote
Citizenship: US Person

Role summary

Seeking an SAP Security Analyst/Engineer to design roles and authorizations, administer access and SoD controls, and drive compliance across S/4HANA/ECC, BW/4HANA, and BusinessObjects while integrating with enterprise IAM and monitoring. Successful candidates bring deep GRC Access Control experience, HANA security expertise, and a track record of partnering with audit and business teams to reduce risk and improve control maturity

Key responsibilities

  • Design, build, and maintain rolebased access and authorization concepts across ECC or S/4HANA, BW/4HANA, SAP PI/PO, Solution Manager, and BusinessObjects, with scalable patterns for business roles
  • Administer user provisioning, deprovisioning, access reviews, and SoD analysis; define mitigating controls and custom authorizations when necessary.
  • Create and maintain roles, profiles, and authorization objects; manage transports and promote changes through QA to production per change control.
  • Implement and operate SAP GRC Access Control (ARA, ARM, EAM, BRM) for request, approval, firefighter, and ruleset governance.
  • Govern HANA security including analytic privileges and role design for developers, modelers, DBAs, and end users.
  • Support SAP project lifecycles (blueprint, testing, cutover, golive) and system upgrades with security design, testing, and remediation.
  • Integrate SAP security with enterprise IAM and SSO; coordinate identity lifecycle and role mappings with central directories.
  • Monitor and respond to security events; integrate with SIEM and vulnerability management to detect anomalies and drive remediation.
  • Conduct periodic risk assessments, internal audits, and evidence collection
  • Provide production support and root cause analysis for authorization failures; deliver training and knowledge transfer to end users and support teams.
  • Maintain documentation for security designs, rulesets, procedures, and change records aligned to internal policies and external standards.

Minimum qualifications

  • Bachelor s degree in Information Security, Computer Science, Information Systems, or related field, or equivalent experience.
  • 5 8+ years in SAP Security with deep knowledge of role design, profiles, authorization objects, and SoD risk analysis.
  • Handson experience with S/4HANA or ECC, HANA DB security, and at least one reporting/analytics platform (e.g., BW/4HANA or BusinessObjects).
  • Proficiency with SAP GRC Access Control and familiarity with SAP IDM and SSO patterns.
  • Strong communication, documentation, and crossfunctional collaboration skills with audit and business stakeholders.

Preferred qualifications

  • Understanding of security frameworks and ITGCs such as ISO 27000, NIST 800, and COBIT.
  • Experience with BRF+ and MSMP configuration in GRC, and complex access workflows.
  • Background in upgrades, OS/DB or HANA migrations, and large multisystem landscapes.
  • Exposure to SecurityBridge or similar SAP vulnerability/patch monitoring solutions.
  • Familiarity with Fiori role design alongside classic authorization concepts.

Tools and technologies

  • SAP GRC Access Control (ARA, ARM, EAM, BRM), SAP IDM, SSO, and directory services for IAM integration.
  • HANA database security and analytic privileges; BW/4HANA and BusinessObjects authorizations.
  • SIEM and vulnerability management integrations supporting monitoring and incident

If you are available, interested, planning to make a change, or know of a friend who might have the required qualifications and interest, please call me ASAP on / If you do respond via e-mail ( ) please include a daytime phone number so I can reach you. In considering candidates, time is of the essence, so please respond ASAP with your updated resume.


Established in 2003, JTSi is a Professional IT & Engineering Services provider with years of documented experience in the Information Technology and Engineering services field. JTSi has a proven track record for successfully delivering mission critical Professional services to the Government and the industry. JTSi SAP team delivers solutions to its clients by clearly understanding their core business problems. We deliver quality services at equitable rates and focus on constant improvement in all areas of our operation, austerely complying to the customer s desire. We view our-selves more as a business partner than a mere provider of consulting services. At JTSi customer is always first and partnering is our means to customer satisfaction. We do what we say!

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.