SAP Security Analyst

We are seeking an experienced SAP Security Analyst to support a large-scale ERP modernization initiative within a highly regulated federal environment. This role is responsible for implementing and maintaining application security and identity access management (IAM) controls within an SAP S/4HANA landscape, ensuring compliance with security standards and the principle of least privilege.

This is a 75% remote position with approximately 25% quarterly travel to the Washington, DC metro area.

Per our Federal Government Contract, candidates must be U.S. Citizens with an Active Secret Clearance.

Responsibilities

• Design, build, and maintain SAP security roles, including Fiori authorizations, catalogs, and groups
• Configure and support SAP GRC Access Control components (ARA, ARM, EAM) to enable compliant user provisioning and access management
• Perform Segregation of Duties (SoD) risk analysis and support remediation of identified conflicts and critical access risks
• Manage user access provisioning processes and ensure alignment with established security and compliance requirements
• Support User Access Reviews (UARs), including periodic certification activities and validation of user access
• Assist with internal and external audit requests by generating reports, providing system evidence, and supporting remediation efforts
• Monitor and report on security risks, including SoD violations and high-risk access across the environment
• Collaborate with functional and technical teams to ensure security designs align with business processes without impacting usability
• Troubleshoot authorization issues using tools such as SU53 and ST01, and resolve GRC workflow issues
• Maintain documentation of security roles, access controls, and mitigation strategies

Qualifications

• U.S. Citizenship required with an Active Secret Clearance or higher
• 5+ years of experience in SAP Security, including S/4HANA security and SAP GRC (10.x or 12.0)
• Hands-on experience with SAP GRC Access Control modules (ARA, ARM, EAM)
• Strong understanding of Segregation of Duties (SoD) concepts and the SAP GRC rule set
• Experience designing and maintaining Fiori security roles and authorizations
• Knowledge of SAP authorization troubleshooting tools (e.g., SU53, ST01)
• Familiarity with IAM concepts and integration with enterprise authentication methods (e.g., SSO, smart card/PIV)
• Understanding of security and compliance standards in regulated environments (e.g., NIST, FISMA)
• Strong analytical, problem-solving, and communication skills
• Experience supporting audits and compliance activities preferred
• Bachelor’s degree or equivalent experience preferred