What are the responsibilities and job description for the SAP GRC & Security Functional Consultant position at Ampstek?
Title: SAP GRC & Security Functional Consultant
Location: Charlotte, NC (Onsite)
Employment Type: Contract
Job Summary:
We are seeking an experienced SAP GRC & Security Functional Consultant with strong expertise in SAP Security, Governance Risk and Compliance (GRC), and identity and access management integrations. The ideal candidate will be responsible for designing, implementing, and supporting SAP security and compliance solutions while integrating SAP environments with enterprise identity management platforms, Single Sign-On (SSO), and SSL-based authentication mechanisms.
Key Responsibilities:
• Design, implement, and support SAP Security and SAP GRC solutions across SAP landscapes, including SAP ECC and SAP S/4HANA environments.
• Configure and maintain SAP roles, authorizations, profiles, and user administration processes.
• Implement and support SAP GRC Access Control modules, including Access Risk Analysis (ARA), Access Request Management (ARM), Emergency Access Management (EAM), and Business Role Management (BRM).
• Collaborate with business and technical teams to gather security requirements and translate them into SAP security designs.
• Integrate SAP applications with Identity Management (IDM/IAM) solutions for user provisioning, deprovisioning, and role management.
• Implement and support Single Sign-On (SSO) solutions using technologies such as SAML, Kerberos, and OAuth.
• Configure and maintain SSL certificates and secure communication channels across SAP systems.
• Perform Segregation of Duties (SoD) analysis and remediation activities to ensure compliance with security policies and regulatory requirements.
• Support user access reviews, audit activities, and compliance reporting.
• Troubleshoot security-related issues and provide production support for SAP authorization and access management processes.
• Develop and maintain documentation for security configurations, processes, and procedures.
• Collaborate with infrastructure and security teams on enterprise IAM and authentication initiatives.
Required Qualifications:
• Bachelor's degree in Computer Science, Information Technology, Information Systems, or a related field.
• 7 years of experience in SAP Security and SAP GRC implementations and support.
• Strong hands-on experience with SAP GRC Access Control modules (ARA, ARM, EAM, BRM).
• Extensive experience in SAP Security administration, roles, profiles, and authorization concepts.
• Experience integrating SAP systems with Identity Management (IDM/IAM) platforms.
• Strong knowledge of Single Sign-On (SSO) technologies and authentication protocols.
• Experience implementing and supporting SSL certificates and secure communication mechanisms.
• Experience with SAP ECC and SAP S/4HANA security environments.
• Knowledge of Segregation of Duties (SoD), compliance requirements, and audit processes.
• Excellent analytical, troubleshooting, and problem-solving skills.
• Strong communication and stakeholder management abilities.
Preferred Qualifications:
• Experience with SAP Cloud Identity Services, SAP Identity Authentication Service (IAS), and SAP Identity Provisioning Service (IPS).
• Experience with enterprise IAM platforms such as Microsoft Entra ID (Azure AD), Okta, or SailPoint.
• Knowledge of SAP Fiori Security and SAP Business Technology Platform (BTP) security concepts.
• Relevant SAP certifications in SAP Security, SAP GRC, or SAP Identity Management are highly preferred.
Contact:
Snehil Mishra
📧 snehil@ampstek.com
📞 Desk: 609-360-2673 Ext. 125
🌐 www.ampstek.com