SAP Security Consultant

SAP Security Consultant with Top Hair Care and Beauty Brand in the USA

Role is to assist with the security role redesign, implementation, and governance of SAP security model across SAP ECC. The ideal candidate will play a role in ensuring secure access to SAP systems (ECC, Ariba.) by developing robust role-based access models, ensuring compliance with regulatory requirements, and integrating SAP security within enterprise-wide security practices.

Key Responsibilities:

• Lead the end-to-end project to remediate and redesign SAP security roles and authorizations across all SAP systems.
• Analyze existing role structures and access models to identify inefficiencies, SoD conflicts, and compliance risks.
• Develop and implement a new, scalable, and compliant role architecture aligned with business processes and security best practices.
• Collaborate with functional and technical teams to gather requirements, define role ownership, and ensure proper mapping of access to job functions.
• Support workshops and design sessions with business stakeholders to validate access needs and drive adoption of the new role model.
• Coordinate with audit, compliance, and internal controls teams to ensure the redesigned security model meets regulatory standards (e.g., SOX, GDPR).
• Integrate SAP GRC tools to support access control, role simulation, risk analysis, and provisioning processes during the remediation.
• Provide documentation, training, and knowledge transfer to internal teams to support the ongoing governance of the new security model.
• Serve as the primary subject matter expert throughout the security redesign lifecycle, including testing, deployment, and post-go-live support.

Qualifications:

• 8+ years of experience in SAP Security design and administration.
• Proven experience with SAP modules including ECC, BW, and GRC Access Control.
• Strong understanding of SAP security concepts, including role design, authorization objects, SUIM, SU53, and ST01.
• Knowledge of compliance frameworks (SOX, GDPR) and audit methodologies.
• Experience with SAP GRC tools (Access Control, Risk Analysis, Firefighter, Role Management).
• Familiarity with identity and access management (IAM) concepts and integrations.
• Excellent communication, documentation, and stakeholder engagement skills.