SAP GRC Consultant

Role: SAP GRC Consultant Location: Madrid, Spain (ideally based locally, hybrid working with 1-2 days per week on site) Start Date: June 2026 (flexible; client can wait up to 6-8 weeks for the right candidate) Duration: 6-month initial contract with high likelihood of extension Travel: Up to 1-2 days per week in Madrid Language: Spanish and English (both required) Role Overview We are seeking an experienced SAP GRC Consultant to join a major international project onsite in Madrid. The consultant will be responsible for designing, implementing, and supporting SAP Governance, Risk, and Compliance solutions, ensuring strong security controls, regulatory compliance, and efficient access governance across the SAP landscape. Key Responsibilities Implement and support SAP GRC Access Control (AC), including: Access Risk Analysis (ARA) Emergency Access Management (EAM / Firefighter) Business Role Management (BRM) Design and maintain Segregation of Duties (SoD) rule sets and mitigation controls Manage user access lifecycle and authorization concepts in SAP Support SAP security role design and optimization Collaborate with SAP Security, Basis, and functional teams Participate in audits and compliance reporting (SOX / internal controls) Troubleshoot and resolve GRC-related incidents and issues Support integration with SAP S/4HANA environments where applicable Required Skills & Experience 4+ years of experience in SAP GRC (Access Control mandatory) Strong expertise in: SoD analysis and remediation Role design and user provisioning Firefighter/EAM configuration and support Experience with SAP ECC and/or SAP S/4HANA Solid understanding of SAP authorization concepts Experience working in international environments Nice to Have SAP GRC Process Control (PC) or Risk Management (RM) Experience in large-scale transformation programs (S/4HANA migrations) Knowledge of audit frameworks (SOX, ISO 27001) SAP Security / Basis background SAP Fiori security experience