Cyber - Sap Security and Grc Access & Process Control Consultant / Security Engineer II

Deloitte Deloitte · Consulting

This role focuses on SAP security and GRC Access Control implementations, assessments, and optimization. Responsibilities include delivering SAP ECC and S/4HANA security implementations, designing and deploying roles, configuring GRC capabilities, analyzing segregation of duties risks, and developing security solutions for custom transactions. The role requires experience with SAP S/4HANA Security and GRC Access Control, including implementations, role design, and ruleset analysis.

What you'd actually do

  1. Deliver SAP ECC and SAP S/4HANA security implementations and assessments across client environments.
  2. Design, build, test, and deploy end-user and IT support roles for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform environments.
  3. Configure and support SAP Governance, Risk, and Compliance Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management.
  4. Analyze segregation of duties risks, support ruleset updates, and perform user- and role-level risk assessments in SAP GRC 12.0.
  5. Develop security solutions for custom transactions, tables, programs, reporting, and analytics tools across complex, multi-country rollout programs.

Skills

Required

  • 3+ years of experience with SAP S/4HANA Security and SAP Governance, Risk, and Compliance Access Control
  • 3+ years of experience implementing security for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform, including requirements gathering, security design, and deployment
  • Experience delivering at least 2 full-cycle SAP S/4HANA security implementations
  • 2+ years of experience configuring and implementing SAP Governance, Risk, and Compliance Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management
  • 2+ years of experience building and updating segregation of duties rulesets and performing user- and role-level risk analysis in SAP Governance, Risk, and Compliance 12.0
  • Ability to travel 50%

Nice to have

  • Experience in consulting or Big 4 environments
  • Professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, or Certified Information Systems Auditor
  • Experience with SAP Identity and Access Governance
  • Experience with cloud security and cloud migration projects
  • Experience executing vulnerability management tools such as Onapsis
  • Experience preparing written deliverables and presenting information to stakeholders

What the JD emphasized

  • SAP S/4HANA Security
  • SAP Governance, Risk, and Compliance Access Control
  • segregation of duties rulesets