SAP Security & GRC Consultant (S/4HANA & Fiori)

About the role

We are looking for an experienced SAP Security & GRC Consultant to lead security design and GRC enhancements for SAP S/4HANA and Fiori environments. The consultant will work closely with business stakeholders to align security roles with organizational processes and ensure compliance.

Key responsibilities

• Design and implement business, derived and composite roles for SAP S/4HANA.
• Configure and manage Fiori catalogs, groups, spaces and OData services.
• Perform PFCG role creation, SU24 maintenance and authorization troubleshooting.
• Lead role‑redesign initiatives based on process mapping and organizational structure.
• Configure SAP GRC Access Control modules (ARA, ARM, EAM, BRM) and design custom SoD and critical‑access rulesets.
• Integrate GRC with S/4HANA, Fiori and SAP BTP/cloud systems.
• Implement workflow enhancements using MSMP, BRF+ and automate provisioning/approval processes.
• Support internal and external audits by providing SoD reports, firefighter logs and compliance evidence.

Required profile

• 8+ years of hands‑on experience in SAP Security and GRC.
• Proven track record in large transformation projects and role redesign.
• Strong analytical and problem‑solving skills with the ability to work under tight deadlines.
• Excellent stakeholder communication and ability to manage multiple entities.

Required skills

• SAP S/4HANA Security
• Fiori Authorization (catalogs, groups, spaces, OData)
• PFCG role creation and SU24 maintenance
• SAP GRC 12 Access Control (ARA, ARM, EAM, BRM)
• SoD analysis and custom ruleset design
• MSMP workflow configuration
• BRF+ rule development
• Integration with SAP BTP, IAS, IPS (preferred)
• Knowledge of Fiori Spaces & Pages architecture
• Understanding of security for MDG, SCM, SRM, FI modules
• Experience with automated role‑mining tools