SAP Application Security and GRC Analyst (Sr.) - U.S. Citizenship Required

CGI•Fairfax, VA

10d•Hybrid

About The Position

CGI is seeking a Senior SAP GRC and Application Security Analyst to join an SAP S/4HANA Greenfield implementation project for a large government contract. As a senior-level SAP GRC and Application Security Consultant, you will be involved in every stage of the application lifecycle—from design to deployment—and will be responsible for delivering comprehensive SAP security capabilities and solutions within the project’s SAP landscapes. The ideal candidate will serve as a lead with a strong background in SAP application security design, particularly in S/4HANA, S/4HANA Private Cloud, and RISE, in conjunction with SAP GRC, SAP BTP, and other non-SAP tools. You should possess comprehensive knowledge of SAP security structure, user authentication methods, user access and authorization concepts, user activity monitoring, and audit/compliance reporting. This project operates in a fast-paced and dynamic environment that leverages Agile/Scrum methodology to rapidly build solutions based on customer requirements. You are encouraged to learn new technologies and suggest improvements to business processes. Success in this role will be achieved through your strong technical expertise, proactive problem‑solving abilities, and excellent communication skills with clients. This position is located in one of CGI Federal's offices in Fairfax, VA, Lebanon, VA, Lafayette, LA or Knoxville, TN; however, a hybrid working model is acceptable. You will be required to work in a CGI Federal office two days per week.

Requirements

Due to the nature of contract requirements, U.S. citizenship and successful completion of a CGI background check are required prior to beginning work. In addition, candidates must have the ability to obtain and maintain a DHS EOD/Public Trust clearance.
Minimum of 9 years of experience administering SAP security for applications, with at least 5 years in security and controls, consulting stakeholders throughout application implementations.
Experience in SAP landscape security strategy, architecture, and supporting project implementations with SAP GRC, SAP BTP, and other security tools.
Strong organizational skills to manage multiple priorities, deliverables, and project milestones, along with excellent analytical, problem‑solving, and communication skills.
Ability to work effectively with all levels of project and government client personnel, influence change, and manage dynamic environments.
Experience as a leader for major IT programs involving multiple teams and projects, with the ability to serve as a liaison between business units, technology teams, and project teams.
Proficiency in Microsoft Office Suite—especially Excel, Project, and PowerPoint—and the ability to work with minimal supervision while maintaining quality and attention to detail.

Nice To Haves

Proficiency in SAP application security methodologies, role‑based user authorization, access controls, and Segregation of Duties (SoD) concepts.
Ability to influence change and manage rapidly evolving technological and business environments.
Current SAP Security Certification is desirable.
Project experience within government agencies or the public sector is highly desirable.

Responsibilities

Collaborate with a team of SAP Security Analysts throughout the project lifecycle to build and implement robust security measures.
Utilize available tools and applications to provide comprehensive SAP security solutions, adhering to SAP best practices and industry standards.
Participate in the selection, design, and implementation of security solutions as part of a project team, ensuring alignment with organizational goals.
Develop, maintain, and enhance a secure SAP environment, with a focus on continuous improvement and risk mitigation.
Oversee security aspects of system builds, upgrades, patching, client copies, and refreshes, ensuring compliance with security protocols.
Conduct SAP security workshops with clients and project personnel to educate and align on security practices and strategies.
Engage proactively with the project team and clients in activities such as requirement gathering and status reporting, ensuring clear communication and collaboration.
Provide extensive training and leadership to clients and internal teams, fostering a culture of security awareness and expertise.
Identify and communicate security issues, risks, and opportunities to facilitate timely resolution.
Deliver SAP security solutions, analytics, reports, and documentation—including TDS, FDS, WRICEF documents, and standard operating procedures (SOPs)—to support project objectives and security compliance.