SAP GRC Access Control Consultant
Role details
Job location
Tech stack
Job description
We are seeking an experienced SAP GRC Access Control Consultant with 8+ years of SAP Security and GRC implementation experience to lead the end-to-end implementation of SAP GRC Access Control across our on-premise SAP landscape.
The consultant will be responsible for implementing and configuring SAP GRC Access Control modules, integrating them with SAP ECC, SAP SRM, and SAP BI/BW systems, designing Segregation of Duties (SoD) rules, automating access management workflows, and ensuring compliance with internal and external audit requirements.
The ideal candidate should have completed multiple end-to-end SAP GRC implementations in large enterprise environments., SAP GRC Implementation
- Lead complete SAP GRC Access Control implementation.
- Gather business and security requirements.
- Conduct Fit-Gap Analysis.
- Prepare Solution Design Document.
- Configure SAP GRC environment.
- Perform system integration.
- Support testing and production deployment.
- Provide hypercare support.
GRC Access Control Modules Hands-on implementation experience in:
- Access Risk Analysis (ARA)
- Emergency Access Management (EAM / Firefighter)
- Access Request Management (ARM)
- Business Role Management (BRM)
- User Provisioning
- Role Management
- Risk Management
- Compliance Reporting
SAP Security Design and implement:
- Role Design Strategy
- Single Roles
- Composite Roles
- Derived Roles
- Organizational Level Security
- Authorization Objects
- SU24 Proposal Maintenance
- SU25 Upgrade Activities
- Role Optimization
Segregation of Duties (SoD) Responsible for
- SoD Rule Set Design
- Risk Analysis
- Critical Access Analysis
- Critical Permission Analysis
- Mitigation Controls
- Risk Owners
- Control Owners
- Risk Remediation
- Periodic Risk Review
Access Management Configure and automate
- User Access Request Workflow
- Role Approval Workflow
- Firefighter Workflow
- Provisioning Workflow
- Password Reset Workflow
- Role Owner Approval
- Business Owner Approval
- Security Team Approval
Firefighter (Emergency Access) Configure
- Firefighter IDs
- Controllers
- Owners
- Log Review
- Firefighter Reporting
- Emergency Access Monitoring
Business Role Management Design
- Business Roles
- Technical Roles
- Role Hierarchy
- Role Approval Process
- Role Lifecycle
- Role Ownership, * SAP GRC Access Control implementation for ECC, SRM, and BI/BW.
- Connector configuration and integration across all SAP systems.
- SoD ruleset design and risk remediation.
- MSMP workflow configuration for access requests and approvals.
- Firefighter (EAM) setup and monitoring.
- Business role design and lifecycle management.
- User provisioning automation.
- Compliance dashboards and audit reporting.
- Knowledge transfer, documentation, and post-go-live support.
Requirements
Integrate SAP GRC with
- SAP ECC
- SAP SRM
- SAP BI/BW
- SAP NetWeaver AS ABAP
- SAP Solution Manager (preferred)
- LDAP / Active Directory (preferred)
Must Have
- SAP GRC Access Control 10.1 / 12.0
- SAP ECC Security
- SAP SRM Security
- SAP BI/BW Security
- SAP NetWeaver Security
- SAP Authorization Concept
- Role Design
- SU01
- PFCG
- SU24
- SU25
- STMS
- Transport Management
- RFC Configuration
- MSMP Workflow
- BRF+
- Firefighter Configuration
- SoD Rules
- Access Risk Analysis
Preferred Skills
- SAP Solution Manager Integration
- SAP Identity Management (IDM)
- SAP Cloud Identity Services
- Active Directory Integration
- LDAP Integration
- SAP Fiori Security
- SAP Gateway Security
- SAML
- Single Sign-On (SSO)
- SAP Audit Log
- SAP Read Access Logging
Implementation Experience Candidate must have completed
- Minimum 3 full-cycle SAP GRC Access Control implementations
- Multiple rollout/support projects
- Security redesign projects
- Audit remediation projects
- SoD remediation projects
SAP Landscape Experience
- SAP ECC 6.0
- SAP SRM 7.0
- SAP BI/BW
- SAP NetWeaver
- SAP on-premise architecture
Audit & Compliance Experience Experience supporting
- SOX Audits
- Internal Audit
- External Audit
- Segregation of Duties Review
- User Access Review
- Security Compliance
- Risk Assessment, * Bachelor''s degree in Computer Science, Information Technology, Engineering, or related field.
- 8+ years of SAP Security and GRC experience.
- At least 3 end-to-end SAP GRC implementations.
- Strong communication and stakeholder management skills.
Preferred Certifications
- SAP Certified Application Associate - SAP Access Control
- SAP Certified Technology Associate - System Security Architect
- SAP Security Certification (preferred)
Nice to Have
- Experience in Government or Public Sector implementations.
- Experience working with highly regulated environments.
- Knowledge of IT COBIT, ISO 27001, and NIST security frameworks.
- Experience supporting SOC 1 / SOC 2 audits and compliance initiatives.