Haystack
← Back to Jobs
Technology

SAP GRC Consultant

Ornate TechUnited States🇺🇸United StatesPosted 7 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Mid Senior

Job Description

Role Overview

The SAP Security/GRC Lead Consultant is responsible for designing, implementing, and maintaining secure access across the SAP S/4HANA landscape. This role ensures compliance with internal controls, regulatory requirements (SOX, ITAR, DFARS, CMMC), and industry best practices. The consultant partners with functional, technical, and audit teams to safeguard SAP systems, manage risk, and support ongoing transformation initiatives.


Key Responsibilities


SAP Security

•             Design, build, and maintain SAP roles and authorizations across S/4HANA on Premise.

•             Manage user provisioning, role assignments, and access remediation.

•             Perform security impact analysis for new projects, transports, and functional changes.

•             Support security patching, vulnerability remediation, and audit readiness.

•             Monitor and troubleshoot authorization failures, SU53/SUIM analysis, and STAUTHTRACE.

•             Ensure compliance with ITAR, DFARS , CMMC, and organizational security policies.


SAP GRC

•             Administer and enhance SAP GRC Access Control (ARA, ARM, BRM, EAM).

•             Maintain Segregation of Duties (SoD) rulesets and risk matrices.

•             Manage Emergency Access Management (Firefighter) setup, logs, and reviews.

•             Support Access Request workflows, role approval processes, and automated provisioning.

•             Conduct periodic access reviews, SoD remediation, and compliance reporting.

•             Partner with Internal Audit to support SOX controls, evidence collection, and audit walkthroughs.


Governance, Risk & Compliance

•             Develop and maintain security standards, procedures, and documentation.

•             Participate in risk assessments, control testing, and remediation planning.

•             Support change management processes to ensure secure transport and deployment practices.

•             Collaborate with cybersecurity teams on Zero Trust, MFA, VPN, and identity governance initiatives.


Required Qualifications

•             3–7+ years of experience in SAP Security and/or SAP GRC Access Control.

•             Strong understanding of SAP authorization concepts, role design, and security architecture.

•             Hands-on experience with GRC modules (ARA, ARM, BRM, EAM).

•             Familiarity with audit frameworks (SOX, NIST 800 171, CMMC).

•             Experience supporting SAP S/4HANA environments (on-premise).

•             Ability to analyze complex authorization issues and propose effective solutions.

•             Excellent communication skills and ability to work with cross-functional teams.


Preferred Qualifications

•             Experience in Aerospace & Defense or other regulated industries.

•             Knowledge of ITAR U.S. Person requirements and controlled data handling.

•             Understanding of Basis, ABAP, or Identity Governance concepts.

•             SAP certifications in Security, GRC, or related areas.

 

 

 

 

Skills

MFA
Zero Trust

Similar jobs