SAP S4 HANA security lead

Job Summary

The S/4 HANA Security Consultant will be responsible for the end-to-end design, implementation, and support of the security framework for our SAP S/4 HANA environment. This includes developing security strategy, designing and building roles, troubleshooting authorization issues, and ensuring optimal performance and user experience, particularly with Fiori applications. The ideal candidate will have deep technical expertise in S/4 HANA security, GRC, and a proven ability to collaborate with business and technical teams.

Key Responsibilities

• Strategy & Design: Gather requirements to document and implement the S/4 HANA Security Strategy and framework. Design and build security roles for S/4 HANA (including Transactional, MDG, and Fiori), GRC 10.1, BW/4HANA, HANA DB, and other connected systems.
• Fiori Security & Optimization: Specialize in Fiori security by designing roles with Catalogs and Groups. Activate OData services (/IWFND/MAINT_SERVICE), troubleshoot authorization issues via /IWFND/ERROR_LOG, and work with the Fiori configuration team to resolve inactive app issues.
• User Experience Improvement: Optimize the user experience by refining Fiori catalogs, removing unused tiles and groups, and reducing homepage load times for enhanced performance.
• Go-Live & Project Support: Document and execute cut-over tasks for S/4 HANA go-live. Provide rapid-turnaround support and issue resolution during project implementation and post-go-live.
• Troubleshooting & Analysis: Expertly troubleshoot authorization problems using ST01 and SU53. Maintain authority checks for custom transactions in SU24. Utilize SUIM reports and security tables (via SE16) for daily user and role analysis.
• Compliance & Auditing: Conduct monthly security checks and fulfill internal/external audit requests. Generate SUIM reports to analyze user access, critical authorizations, and system settings to ensure compliance.

Required Skills and Qualifications

• Proven experience gathering requirements and documenting S/4 HANA Security Strategy.
• Hands-on experience designing and building roles in S/4 HANA, including Fiori Apps, MDG, and GRC 10.1.
• Demonstrable experience with Identity Access Governance (IAG) and cloud security concepts.
• Expertise in troubleshooting authorization issues using ST01 and SU53.
• Proficiency in using SAP security tools: SU24 (maintaining authority checks), SUIM (reports), and SE16 (for security tables).
• Strong experience in activating and managing Fiori OData services and troubleshooting related errors.
• Ability to work effectively with business users to identify and resolve Fiori app issues.
• Experience supporting a full-lifecycle SAP implementation through go-live and hyper-care.

Preferred Qualifications

• Experience with BW/4HANA and HANA Database security.
• Knowledge of optimizing Fiori launchpad performance by managing catalogs and groups.
• Prior experience in a client-facing or consulting role.
• Relevant SAP certifications (e.g., SAP Certified Application Associate - SAP S/4HANA Security).