SAP Security & Identity Access Management Analyst III

About The Position

Requirements

• Bachelor’s degree in Information Systems, Cybersecurity, Computer Science, or equivalent practical experience.
• 6+ years of experience in Identity and Access Management, with a strong concentration in SAP Security.
• Demonstrated hands-on SAP Security administration experience (required), including role design, authorization concepts, and user provisioning.
• Experience administering or supporting Privileged Access Management solutions.
• Strong experience securing privileged and elevated SAP accounts, including firefighters and emergency access.
• Experience supporting security for SAP in regulated environments (SOX, CMMC, NIST).
• In-depth understanding of SAP authorization framework
• In-depth understanding of Segregation of Duties (SoD)
• In-depth understanding of SAP GRC Access Control (or equivalent)
• Knowledge of information security standards and frameworks: NIST 800-53, 800-171, CMMC (preferred)
• Knowledge of SOX compliance and audit support
• Familiarity with Active Directory, Red Hat Linux, and enterprise IAM ecosystems relate to SAP access.
• Strong analytical and problem-solving skills with high attention to detail.
• Excellent interpersonal and organizational skills; ability to manage deadlines and competing priorities.
• Ability to adapt to evolving SAP technologies and security requirements.
• Proven ability to identify and implement process optimizations and security improvements.
• Commitment to delivering consistent, high-quality customer service while maintaining strong security controls.

Nice To Haves

• Experience in integrating SAP systems with IAM platforms (preferred)
• SAP Security certifications (preferred)
• Knowledge of information security standards and frameworks: NIST 800-53, 800-171, CMMC (preferred)

Responsibilities

• Serve as the SAP Security SME, responsible for end-to-end SAP security administration across related SAP platforms.
• Design, create, maintain, and troubleshoot SAP roles, composite roles, authorization objects, and user assignments.
• Assist with the development of role-based access control (RBAC) models aligned with job functions and business processes.
• Ensure compliance with Segregation of Duties (SoD), CMMC, SOX, and internal audit requirements using SAP GRC or equivalent tools.
• Define and enforce SAP security standards, naming conventions, policies, and procedures.
• Support and enhance SAP access provisioning and deprovisioning through IAM provisioning tools, including role modeling and access workflows.
• Partner with IAM teams to automate the SAP joiner/mover/leaver lifecycle.
• Assist with integrating Privileged Access Management (PAM) solutions for SAP privileged and firefighter accounts.
• Support SAP user access reviews, certifications, and attestation campaigns.
• Support internal and external audits by providing SAP security documentation, access evidence, and remediation plans.
• Assist in analyzing security threat notifications related to SAP systems and recommend corrective actions.
• Work closely with SAP functional teams, business process owners, PMO, Enterprise Architecture, HR, Legal, and Audit partners.
• Establish and maintain strong working relationships with SAP end users and IAM customers.
• Providing guidance and education on SAP accesses best practices and security controls.
• Identify and recommend process improvements to enhance SAP security efficiency, automation, and compliance posture.
• Support ongoing SAP security operations and other IAM/security initiatives as required.

Benefits

• Choice of medical plans with prescription coverage
• Employer HSA contribution
• Dental & Vision Insurance
• Paid Parental Leave
• Short & Long-Term Disability
• Other voluntary benefits including: Critical Illness, Hospital Indemnity, Identity Theft Protection and Pet Insurance
• 401K with generous Company match & contribution
• Accrued Paid Time Off
• 12 Paid Holidays + 1 Floating Holiday
• Robust employee wellness program
• Tuition assistance program