ToggleNow - SAP Security & GRC Consultant

Description

Role Overview

Key Responsibilities

• Design, implement, and maintain SAP Security GRC roles and authorizations across SAP systems (ECC, S/4HANA, BW, etc.
• Configure and manage SAP GRC Access Control components (ARA, ARM, BRM, EAM).
• Perform system upgrades and migrations, ensuring security compliance during transitions.
• Conduct risk analysis and remediation for SoD conflicts and critical access.
• Provide ongoing support and troubleshooting for SAP Security and GRC issues.
• Extensive work experience on GRC ARA, EAM, BRM and ARM Modules in performing the end-to-end configuration.
• Knowledge in setting up the Ruleset and performing the risk analysis at user/role level.
• Worked on MSMP and BRF+ workflow and restructuring the existing workflows.
• Expertise in creating and managing the Mitigation Controls IDs, Firefighter IDs, owners, approver and controllers (maintaining Access control owners) etc.
• Experienced in BRM activities and role management.
• Collaborate with functional and technical teams to design and implement GRC-driven access controls, ensuring alignment with compliance frameworks and audit requirements.
• Prepare and maintain GRC documentation including risk analysis reports, mitigation control logs, workflow configurations, and audit evidence for regulatory reviews.
• Stay updated with SAP Security GRC best practices, evolving risk management strategies, and global compliance standards such as SOX, GDPR, and ISO.
  

Required Skills & Qualifications

• 7 to 9 years of hands-on experience in SAP Security and GRC.
• Strong knowledge of SAP GRC Access Control (ARA, ARM, BRM, EAM).
• Experience in support, implementation / Upgrade projects.
• Proficiency in user administration, role design, and authorization concepts.
• Familiarity with S/4HANA security concepts and Fiori authorization.
• Good understanding of audit and compliance standards (SOX, GDPR, etc.
• Excellent problem-solving and communication skills.