SAP GRC Security Engineer

Role : SAP GRC Security Engineer
Visa :
Location :
Experience : 12+
Rate : $70 on W2 or 80 on 1099
Client : Infosys

Qualifications & Requirements
Education
Bachelor s degree in Computer Science, Information Systems, Cybersecurity, or a related technical field required.
Advanced degree or professional certifications (CISSP, CISM, CEH, SAP Security certification) strongly preferred.
Experience
Minimum 10 years of hands-on experience in SAP Security administration and role design.
Minimum 5 years of experience in Cybersecurity assessments, vulnerability management, or security architecture.
Demonstrated experience with cloud-hosted SAP applications; familiarity with IBP, SAC, Ariba, BTP, or Signavio is highly desirable.
Prior experience contributing to GxP or regulated-environment security documentation (Security Plans, SOPs, Risk Assessments) in a pharmaceutical or life sciences setting is strongly preferred.
Experience with code review or application security assessments (SAST/DAST tools, OWASP standards) is required.
Technical Skills
SAP Security:
Deep knowledge of SAP role design, authorization objects, and profile management across S/4HANA, BTP, and cloud applications.
Proficiency in SAP GRC (Governance, Risk & Compliance), access control, and SOD conflict analysis.
Experience with CyberArk or equivalent Privileged Access Management (PAM) solutions in an SAP context.
Familiarity with SAP Identity Authentication Service (IAS) and Identity Provisioning Service (IPS).

SAP BASIS:
Working knowledge of SAP BASIS operations, system landscape configuration, and transport management.
Understanding of SAP system hardening, parameter settings, and patch/upgrade processes for cloud-hosted platforms.
Ability to read and interpret BASIS-level configuration outputs relevant to security documentation.

Cybersecurity:
Strong understanding of encryption standards (AES, TLS 1.2/1.3), PKI, and key management frameworks.
Familiarity with vulnerability management tools (Qualys, Tenable, Wiz, or similar) and CVSS scoring.
Knowledge of cloud security frameworks: CSA CCM, CIS Benchmarks, NIST SP 800-53, ISO 27001.
Experience assessing SaaS/PaaS security controls, data residency requirements, and multi-tenant isolation architectures.

Application Development / Code Review:
Proficiency in conducting security-focused code reviews in ABAP, JavaScript, Python, or Java.
Familiarity with OWASP Top 10, secure coding principles, and static/dynamic analysis (SAST/DAST) tooling.
Understanding of CI/CD pipeline security, DevSecOps practices, and software composition analysis (SCA).
Ability to identify and document security vulnerabilities in custom SAP extensions or BTP-hosted applications.
Regulatory & Compliance Knowledge
Understanding of GMP and GxP requirements as they relate to computer system validation (CSV) and security documentation.
Familiarity with Client s Quality Practices especially Computer Systems and Platform Security or equivalent pharmaceutical industry security standards.
Knowledge of FDA 21 CFR Part 11, EU Annex 11, and relevant ICH guidelines as applicable to cloud-hosted systems.
Experience with Confidential Information (CI) and Personal Information (PI) classification and handling requirements, including GDPR considerations for cloud systems.
Tools & Systems
Electronic Document Management Systems: Veeva QualityDocs (required) or equivalent EDMS.
SAP tools: GRC, Solution Manager, RSECNOTE, STAUTHTRACE, and relevant cloud admin consoles.
Security tools: SIEM platforms, vulnerability scanners, PAM tools, and cloud security posture management (CSPM) solutions.
Microsoft Office Suite and collaboration tools; experience with AI documentation tools (Client CSA Launchpad or similar) preferred.
Soft Skills & Work Style
Ability to translate complex technical security configurations into clear, structured documentation that meets regulatory and quality standards.
Strong collaboration skills; comfortable working in a cross-functional team alongside Technical Writers and BASIS professionals.
Meticulous attention to detail; capable of maintaining accuracy and consistency across multiple security plan documents.
Proactive communicator who can engage with Client staff, QA, BISO, CSQA, and System Owners throughout the review and approval lifecycle.
Ability to work on-site at Client Corporate Center, Indianapolis, as required by project milestones

Please share your resumes at