Senior SAP Security & GRC Engineer (s/4hana...
Role details
Job location
Tech stack
Job description
We are seeking an experienced SAP Security & GRC Engineer with expertise in SAP S/4HANA Security, Fiori Security, and SAP GRC Access Controls. The ideal candidate will be responsible for designing, implementing, and supporting SAP security solutions while ensuring compliance, governance, and secure user access across SAP environments. This position also includes production support and participation in an on-call rotation., + Design, develop, and implement SAP S/4HANA Fiori security roles across functional areas including SD, MM, and FI (GL, AP, AR, AA).
-
Administer SAP security roles, including authorization objects, master/derived roles, and single/composite roles.
-
Troubleshoot authorization issues using STAUTHTRACE, STUSERTRACE, SU53, and ST01.
-
Implement and support SAP GRC Access Controls 12.0, including ARA, ARM, EAM, and BRM.
-
Configure and administer SAP GRC rule sets, workflows, approvers, and user provisioning processes.
-
Maintain GRC master data and perform risk analysis, audit support, and compliance activities.
-
Build and maintain MSMP workflows and configure GRC notifications.
-
Create custom functions, risks, and rulesets based on business requirements.
-
Plan and execute SAP GRC upgrade activities.
-
Configure and support synchronization jobs, including Repository, Authorization, Firefighter Log, and Action Usage.
-
Troubleshoot access request issues by analyzing audit logs.
Requirements
-
Bachelor's degree.
-
Minimum of 7 years of SAP Security experience.
-
Experience with at least two full lifecycle SAP implementations.
-
Experience implementing SAP S/4HANA Fiori security roles for SD, MM, and FI modules (GL, AP, AR, AA).
-
Experience designing, developing, and testing SAP S/4HANA Fiori security roles using Pages and Spaces.
-
Experience performing backend S/4HANA and frontend Fiori security checks, including OData service authorization.
-
Experience configuring SAP GRC modules, including Access Control and Process Control.
-
Experience troubleshooting SAP GRC user provisioning workflow issues.
-
Experience with SAP HANA.
-
Ability to participate in a periodic 24x7 on-call support rotation.
Preferred Qualifications
-
Experience with SAP BTP Security.
-
Experience with SAP Identity Access Governance (IAG).