Bachelor's degree in information security, Computer Science, Information Systems, or related field, or equivalent experience.
5–8+ years in SAP Security with deep knowledge of role design, profiles, authorization objects, and SoD risk analysis.
Hands-on experience with S/4HANA or ECC, HANA DB security, and at least one reporting/analytics platform (e.g., BW/4HANA or BusinessObjects).
Proficiency with SAP GRC Access Control and familiarity with SAP IDM and SSO patterns.
Requirements:
Design, build, and maintain role based access and authorization concepts across ECC or S/4HANA, BW/4HANA, SAP PI/PO, Solution Manager, and BusinessObjects, with scalable patterns for business roles.
Administer user provisioning, deprovisioning, access reviews, and SoD analysis; define mitigating controls and custom authorizations when necessary.
Implement and operate SAP GRC Access Control (ARA, ARM, EAM, BRM) for request, approval, firefighter, and ruleset governance.
Monitor and respond to security events; integrate with SIEM and vulnerability management to detect anomalies and drive remediation.
Job description
"WE DO WHAT WE SAY "
JTSi is a federal government consulting firm, providing technical services to the Federal Government, i.e., DoD, Client and various Civilian Agencies. We are proud to have earned the reputation of honesty, integrity and the ability to build long-term professional relationships with our employees and clients. Please visit our website at www.JTSUSA.com to learn more about who we are and what we do.
Company Name: - JTSi (Johnson Technology Systems, Inc.) Title: SAP Security Analyst/Engineer Location: Remote Citizenship: US
Description of Project and Tasks: Seeking an SAP Security Analyst/Engineer to design roles and authorizations, administer access and SoD controls, and drive compliance across S/4HANA/ECC, BW/4HANA, and BusinessObjects while integrating with enterprise IAM and monitoring. Successful candidates bring deep GRC Access Control experience, HANA security expertise, and a track record of partnering with audit and business teams to reduce risk and improve control maturity
Key responsibilities
Design, build, and maintain role based access and authorization concepts across ECC or S/4HANA, BW/4HANA, SAP PI/PO, Solution Manager, and BusinessObjects, with scalable patterns for business roles
Administer user provisioning, deprovisioning, access reviews, and SoD analysis; define mitigating controls and custom authorizations when necessary.
Create and maintain roles, profiles, and authorization objects; manage transports and promote changes through QA to production per change control.
Implement and operate SAP GRC Access Control (ARA, ARM, EAM, BRM) for request, approval, firefighter, and ruleset governance.
Govern HANA security including analytic privileges and role design for developers, modelers, DBAs, and end users.
Support SAP project lifecycles (blueprint, testing, cutover, go live) and system upgrades with security design, testing, and remediation.
Integrate SAP security with enterprise IAM and SSO; coordinate identity lifecycle and role mappings with central directories.
Monitor and respond to security events; integrate with SIEM and vulnerability management to detect anomalies and drive remediation.
Conduct periodic risk assessments, internal audits, and evidence collection
Provide production support and root cause analysis for authorization failures; deliver training and knowledge transfer to end users and support teams.
Maintain documentation for security designs, rulesets, procedures, and change records aligned to internal policies and external standards.
Minimum qualifications
Bachelor's degree in information security, Computer Science, Information Systems, or related field, or equivalent experience.
5–8+ years in SAP Security with deep knowledge of role design, profiles, authorization objects, and SoD risk analysis.
Hands on experience with S/4HANA or ECC, HANA DB security, and at least one reporting/analytics platform (e.g., BW/4HANA or BusinessObjects).
Proficiency with SAP GRC Access Control and familiarity with SAP IDM and SSO patterns.
Strong communication, documentation, and cross functional collaboration skills with audit and business stakeholders.
Preferred qualifications
Understanding of security frameworks and ITGCs such as ISO 27000, NIST 800, and COBIT.
Experience with BRF+ and MSMP configuration in GRC, and complex access workflows.
Background in upgrades, OS/DB or HANA migrations, and large multi system landscapes.
Exposure to Security Bridge or similar SAP vulnerability/patch monitoring solutions.
Familiarity with Fiori role design alongside classic authorization concepts. velvetjobs
Tools and technologies
SAP GRC Access Control (ARA, ARM, EAM, BRM), SAP IDM, SSO, and directory services for IAM integration.
HANA database security and analytic privileges; BW/4HANA and BusinessObjects authorizations.
SIEM and vulnerability management integrations supporting monitoring and incident
