Overview
Skills
Job Details
Title : SAP Security and GRC Access Control Specialist
Location : 100% remote from Canada, candidate must work with EDT time zone
Duration : 6 months- Week work of 35 hours
The candidate must have the following qualifications:
- More than 10 years' experience in cybersecurity
- Minimum 5-10 years of experience in SAP Security and GRC Access Control.
- Experience with S/4HANA security concepts, including Fiori and HANA DB authorizations.
- Experience in SAP S4 Projects (Authorizations)
- Project experience in SAP security design, migrations, or role redesign.
- Ability to work in a global, multicultural environment.
- Strong knowledge of SAP authorization concepts (PFCG), role design, and user administration.
- Hands-on experience with SAP GRC Access Control (especially ARA and EAM).
- Understanding of compliance requirements such as SOx, GDPR, and ITcontrols.
- Bilingual in English and French or English Speaker
Nice to have :
SAP certifications (e.g., SAP Certified Technology Associate System Security Architect or GRC Access Control) are an asset.
Job description:
We are seeking a highly skilled SAP Security and GRC Access Control Specialist to join our IT Security & Compliance team. This role is responsible for designing, implementing, and maintaining secure access across SAP systems, ensuring alignment with internal control frameworks, regulatory compliance (e.g., SOx), and best practices in identity and access governance.
Key Responsibilities
- Design and maintain security roles in line with segregation of duties (SoD) and least privilege principles over key projects.
- Operate and optimize SAP GRC Access Control components (ARA, BRM, CUP, EAM).
- Perform risk analysis, access request workflow configuration, and firefighting management.
- Collaborate with business owners, internal auditors, and IT teams to define and enforce access governance standards.
- Monitor SAP security logs and perform regular reviews of sensitive access and elevated privileges.
- Contribute to the continuous improvement of SAP security policies, procedures, and role design methodology.
- Assist in the delivery of SAP security controls during projects, system changes, or M&A integrations.
Le candidat doit possder les qualifications suivantes :
- Plus de 10 ans d'exprience en cyberscurit
- Minimum 5 10 ans d'exprience en scurit SAP et contrle d'Clients GRC
- Exprience des concepts de scurit S/4HANA, y compris les autorisations Fiori et HANA DB
- Exprience dans des projets SAP S/4 (autorisations)
- Exprience de projets en conception de scurit SAP, migrations ou refonte des rles
- Capacit travailler dans un environnement global et multiculturel
- Solide connaissance des concepts d'autorisation SAP (PFCG), conception de rles et administration des utilisateurs
- Exprience pratique avec SAP GRC Access Control (en particulier ARA et EAM)
- Comprhension des exigences de conformit telles que SOx, RGPD et les contrles ITGC
Atouts :
Certifications SAP (par ex. : SAP Certified Technology Associate System Security Architect ou GRC Access Control) considres comme un plus
Description du poste :
Nous recherchons un(e) Spcialiste expriment(e) en Scurit SAP et GRC Access Control pour rejoindre notre quipe Scurit & Conformit IT. Ce rle est charg de concevoir, mettre en uvre et maintenir des Clients scuriss dans les systmes SAP, en veillant leur alignement avec les cadres de contrle interne, les exigences rglementaires (ex. : SOx) et les meilleures pratiques en matire de gouvernance des identits et des Clients.
Responsabilits principales :
- Grer le processus d'Clients des utilisateurs SAP, les rles et autorisations travers les environnements SAP (ECC, S/4HANA, BW, Fiori, etc.)
- Concevoir et maintenir les rles de scurit en respectant les principes de sparation des tches (SoD) et de moindre privilClient dans le cadre de projets cls
- Exploiter et optimiser les composants de SAP GRC Access Control (ARA, BRM, CUP, EAM)
- Raliser des analyses de risques, configurer les workflows de demande d'Clients et grer les comptes de type "firefighter"
- Collaborer avec les responsables mtiers, les auditeurs internes et les quipes IT pour dfinir et appliquer les standards de gouvernance des Clients
- Surveiller les journaux de scurit SAP et effectuer des revues rgulires des Clients sensibles et privilges levs
- Contribuer l'amlioration continue des politiques de scurit SAP, des procdures et de la mthodologie de conception des rles
- Participer la mise en uvre des contrles de scurit SAP dans le cadre de projets, de changements systmes ou d'intgrations lors de fusions/acquisitions