SAP Security Lead

About The Position

Requirements

• Bachelor’s degree in Information Systems, Computer Science, or a related field (or equivalent experience).
• 8+ years of hands-on SAP security experience, including role and authorization design.
• Strong expertise in SAP S/4HANA security, including Fiori and business role concepts.
• Proven experience with SAP authorization objects, SU24, PFCG, and user administration.
• Experience supporting audits and compliance initiatives (SOX, ITGC).
• Strong communication skills with the ability to explain complex security concepts to technical and non-technical stakeholders.

Nice To Haves

• Experience with SAP GRC Access Control (ARA, ARM, EAM).
• Knowledge of SAP BTP security and integration security concepts.
• Experience in large-scale SAP transformations or S/4HANA conversions.
• SAP Security or GRC certifications.
• Retail, manufacturing, or supply chain SAP experience.

Responsibilities

• SAP Security Strategy & Governance Define and maintain SAP security architecture, standards, and best practices across SAP systems (S/4HANA, SAP Public Cloud, Fiori, BTP, IBP, GRC).
• Establish and enforce role design principles aligned to least-privilege and segregation of duties (SoD) requirements.
• Own SAP security governance processes, including access request workflows, role approvals, emergency access, and periodic access reviews.
• Serve as the SAP security escalation point for risk assessments, audit findings, and security incidents.
• Role Design & Authorization Management Lead the design, build, and maintenance of SAP roles, profiles, and authorization objects.
• Oversee SU24 proposal management and authorization object maintenance.
• Ensure consistent role design across transactions, Fiori apps, and business catalogs.
• Manage user provisioning, deprovisioning, and access changes in alignment with HR and IT processes.
• Compliance, Audit & Risk Management Partner with Internal Audit, Compliance, and Risk teams to support audits (SOX, ITGC, and regulatory reviews).
• Perform and remediate SoD analysis and access risk findings using SAP GRC or equivalent tooling.
• Ensure SAP security controls meet corporate security policies and regulatory requirements.
• Maintain documentation and evidence required for audits and control testing.
• Program & Project Support Lead SAP security activities for SAP implementations, upgrades, rollouts, and integrations.
• Collaborate with SAP functional leads, developers, and architects to ensure security is embedded into solution design.
• Assess security impacts of new SAP functionality, custom developments, and integrations.
• Provide guidance on secure design for custom transactions, reports, workflows, and interfaces.
• Leadership & Continuous Improvement Act as a subject matter expert (SME) for SAP security across the organization.
• Mentor and guide SAP security analysts and administrators.
• Monitor SAP security innovations and recommend improvements to tools, processes, and controls.
• Drive automation and efficiency in access management and compliance processes.