If you are an SAP Security expert, and within 3 hours of Raleigh, let's talk ASAP. This position is active and our client wants to hire as soon as they find the right person! nanci.cronk@themavengroup.com
Position Title: SAP Security Architect
Direct Hire
No Sponsorship (US Citizens, Green Card, Perm Resident only)
Remote but must be located within a 3 hour radius of Raleigh, NC
Job Purpose:
The SAP Security Manager role is to plan, design and implement effective security governance for the SAP ERP systems. This role offers a unique opportunity to lead a global SAP security function within a dynamic and diverse organization, driving strategic initiatives and ensuring robust security measures across the SAP landscape. This individual will apply proven communication, analytical, and problem-solving skills to help maximize the effectiveness in the areas of SAP user security and governance.
Job Content and Duties:
Key Responsibilities
• Serve as the SAP Security subject matter expert.
• Research, design, and execute security solutions for our global SAP landscape for our existing and future implementations
• Work closely with Cyber Security, Internal Audit, External Audit, Compliance, and Project teams to continually advance SAP security
• Propose improvements, both process and technical, to improve and strengthen security in the environment and ensure data integrity
• Manage Risk and Access Controls within the SAP landscape;
• Provides daily production support for various SAP systems as needed including but not limited to:
• User provisioning such as user profile management
• Role management
• SOD simulations
• GRC Firefighter setup
• Locking/unlocking/password resets
• Trace analysis and troubleshooting authorization issues
• Addition of standard and custom transaction roles
• Collaborate with other departments and stakeholders to ensure security measures are integrated into business processes and systems
• Monitor and assess security risks, and implement measures to mitigate them
• Adherence to SOX controls and standard operating procedures.
• Recommend and develop security measures to protect information against cross authorization issues and business risks.
• Identify the risks in business process and providing remediation/mitigation solutions and customized solutions to automate the business process.
• Design and build security roles and authorizations and run segregation of duties checks.
• Ensure Corporate and IS policy and procedures are adhered to
• Remain abreast of other initiatives within the IS Enterprise organization to ensure compatibility and integration opportunities are not hindered.
Job Requirements:
• Bachelor’s degree in Information technology, Computer Science or related discipline.
• Extensive experience (10+ years) in setting up and managing best practices for SAP security operations.
• In-depth knowledge of SAP security configuration, role design, and governance processes.
• Proficiency in SAP GRC, SAP IAG, and other related tools for access and risk management.
• Experience in SAP S/4 Hana security configuration and transformation.
• Strong organizational and planning skills, with agility in fast-paced environments.
• Experience in agile project methodology is preferred.
• International business experience is advantageous.
• Deep knowledge of SAP authorization concepts for both on-premise systems such as ECC, BW, Portal, BPC, PO as well as S/4 HANA and new SAP Cloud solutions;
• Extensive experience with SAP GRC Access Control 10.1 or 12.0 for centralized risk management, emergency access management, and segregation of duty management.
• Experience in handling Segregation of Duties (SOD) Risks, applying mitigation controls, supervising sensitive access and elevated privileges.
• Exceptional SAP Security functional knowledge across SAP GRC, SOX, SOD, role design and governance processes;
• Experience in SAP S/4 Hana security configuration and transformation from SAP legacy landscape;
• International experience preferred as this position conducts business globally in over thirty countries;
• GRC Access Control 10.x minimum with 12.0 preferred – Access Risk & Analysis, Emergency Access Management, Business Ruleset Management:
• Configuration of the GRC rule sets (SOD), authentication/authorization/emergency access and access recertification based on business needs, industry best practices, and regulatory requirements
• Segregation of Duties (SOD) reviews using SAP GRC and remediation Job profile includes: Analyzing SOD violations through SAP GRCs Access Control