SAP Security & GRC Architect / Manager / Lead

About the role

The organization is seeking an experienced SAP Security & GRC professional to lead the design, implementation, and governance of SAP security across a complex, multi‑system landscape. The role will shape security architecture, ensure compliance, and drive global security transformation initiatives.

Key responsibilities

• Design and implement SAP Security architecture for ECC, S/4HANA, BW/4HANA, Ariba, IBP, SuccessFactors and BTP environments.
• Create and maintain an enterprise role matrix aligned with business processes and regulatory requirements.
• Develop single, composite and derived roles using PFCG and define authorization concepts for S/4HANA, including Fiori tile‑based access.
• Implement SAP GRC Access Control modules (ARA, ARM, BRM, EAM, UAR) and configure Segregation of Duties (SOD) rule sets.
• Establish risk and control matrices for SOX and internal audit, and manage continuous control monitoring.
• Deploy emergency access (Firefighter IDs) and monitor privileged access logs.
• Implement SAP Identity Access Governance (IAG) for cloud applications (Ariba, IBP, SuccessFactors, BTP) and enable hybrid access governance.
• Support audit activities, generate compliance dashboards and assist auditors with reviews.

Required profile

• 15+ years of hands‑on experience in SAP Security, role design and GRC.
• Proven track record leading end‑to‑end SAP implementations and global security transformations.
• Deep knowledge of S/4HANA security, Fiori access concepts and cloud integration.
• Experience with SOX compliance, IT audit processes and risk mitigation.

Required skills

• SAP Security (ECC, S/4HANA, BW/4HANA, Fiori, BTP, Ariba, IBP)
• SAP GRC Access Control, Process Control, Risk Management
• SAP Identity Access Governance (IAG)
• SuccessFactors Role‑Based Permissions (RBP) and Central User Administration (CUA)
• SOX compliance and Segregation of Duties (SOD) management
• PFCG role development and authorization concept design