Senior SAP Security Consultant

Job Summary

The SAP Security Analyst is responsible for designing, implementing, and maintaining security roles, authorizations, and governance across SAP environments (ECC, S/4HANA, BW, Fiori, GRC, etc.). This role ensures compliance, protects sensitive business data, supports audits, and partners with functional and technical teams to deliver secure SAP solutions.

Key Responsibilities

Role Design & Authorization Management

Design, configure, and maintain SAP

roles, profiles, and authorization objects . Support

S/4HANA and ECC security models , including organizational-level design. Manage

Fiori catalog, group, and tile security

for applications and UX roles. Create and maintain

structural & master data authorizations . User Administration

Perform user provisioning, de-provisioning, and access management across SAP systems. Maintain segregation of duties (SoD) controls and ensure compliance with policies. Monitor privileged/temporary access and implement mitigating controls. Security Support for SAP Modules

Support security requirements across modules such as: FI/CO, SD, MM, PP, QM HCM / SuccessFactors BW/4HANA, BOBJ, BTP CRM, SCM, SRM (as applicable) Audit, Compliance & Monitoring

Support internal and external audits by providing required documentation. Maintain SOX, GDPR, HIPAA, or other regulatory compliance depending on the customer environment. Monitor security logs, critical access, and exception reports. Security Risk Management

Identify and evaluate security risks across SAP systems. Recommend improvements, best practices, and governance processes. Assist in implementing security hardening guidelines and standards. Required Skills & Experience

5+ years of SAP Security experience in large enterprise environments. Strong understanding of

SAP role design, authorization concepts, and security architecture . Experience with ECC and/or

S/4HANA security . Hands-on experience with

Fiori security . Solid understanding of SoD, compliance frameworks, and risk mitigation. Experience with

SAP GRC

(Access Control) is highly preferred. Ability to analyze SU53 logs, ST01 traces, and troubleshoot authorization issues. Strong communication and documentation skills.