Job Title: SAP GRC Security Consultant

Experience: 9+ years

Location: Pune

Notice Period: 0-30 Days

Job Description:

We are looking for an experienced SAP GRC Security Consultant with over 7 years of experience to manage, configure, and optimize SAP Governance, Risk, and Compliance (GRC) solutions. This individual will play a key role in the implementation, support, and ongoing enhancement of SAP GRC solutions to help mitigate risk, ensure compliance, and optimize security across the enterprise.

As a SAP GRC Security Consultant, you will be responsible for managing access control, risk management, audit, and compliance-related activities within SAP systems, ensuring a robust and secure SAP landscape.

Mandatory Skills: SAP GRC Security

Key Responsibilities:

• SAP GRC Access Control:
• Implement, configure, and manage SAP GRC Access Control (AC) modules, including role-based access control (RBAC), segregation of duties (SoD), and critical access monitoring.
• Design, implement, and support role management and user provisioning processes in SAP.
• Configure and manage Access Request Management (ARM) and Emergency Access Management (EAM).
• Perform role design and assignment as per compliance requirements, business roles, and user access needs.
• SAP GRC Risk Management:
• Implement SAP GRC Risk Management (RM) modules to identify, assess, and mitigate potential risks in the SAP landscape.
• Conduct regular risk assessments, ensuring alignment with business processes and ensuring compliance with industry standards.
• Develop and implement risk mitigation strategies and ensure continuous monitoring of risk profiles.
• Audit and Compliance Monitoring:
• Monitor and ensure audit and compliance processes within the SAP environment, ensuring full compliance with internal and external regulations.
• Implement and maintain SAP GRC Audit Management to streamline audit processes and manage audit findings.
• Work with external auditors to ensure proper system audits and regulatory compliance.
• SAP GRC Configurations and Enhancements:
• Configure, support, and troubleshoot SAP GRC (Governance, Risk, and Compliance) solutions.
• Continuously review and improve the SAP security framework based on business requirements, risk management strategies, and industry best practices.
• Collaborate with functional teams to understand the business requirements and provide appropriate security configurations.
• Segregation of Duties (SoD) Analysis:
• Implement and maintain SoD (Segregation of Duties) rules and workflows.
• Perform SoD conflict analysis and remediation, ensuring business processes adhere to compliance requirements.
• Design and enforce SoD policies and maintain conflict-free role definitions.
• Emergency Access Management (EAM) and Super User Access:
• Manage and configure EAM (Emergency Access Management) to ensure that users are granted temporary elevated access only when required and for a limited time.
• Ensure monitoring and logging of superuser access to prevent misuse and enforce compliance.
• SAP Security and Authorization Management:
• Configure and maintain SAP security roles, profiles, and authorizations.
• Ensure robust system security by applying the principle of least privilege and adhering to SAP best practices.
• Monitor and audit system access logs for unusual activities and potential security risks.
• User Provisioning and Role Management:
• Implement user provisioning workflows and automate role assignment processes to streamline user management.
• Conduct regular role audits and ensure users have access only to necessary resources.
• Integrate SAP GRC with other systems for identity and access management (IAM).

Skills & Qualifications:

• Mandatory Skills:
• 7+ years of experience in SAP GRC Security with hands-on experience in SAP GRC Access Control (AC), Risk Management (RM), Audit Management (AM), and Process Control (PC).
• Expertise in SAP Security, user provisioning, role management, and segregation of duties (SoD).
• Strong experience in configuring SAP GRC Access Control, including Access Risk Analysis, Emergency Access Management (EAM), and Access Request Management (ARM).
• Familiarity with SAP GRC Reporting tools and the ability to produce and analyze compliance reports.
• Knowledge of SAP S/4HANA security, Fiori Security, and other SAP security products is a plus.
• Strong knowledge of SAP security principles, including profiles, authorizations, and role design.
• Experience in audit management and compliance-related activities, ensuring internal and external audits are successfully completed.
• Desirable Skills:
• Certification in SAP GRC or related SAP security certifications.
• Understanding of SAP HANA Security and other cloud-based security solutions.

Experience with automation tools and integrating SAP GRC with other systems like Active Directory, SAP Identity Management (IdM), etc.