Cyber - SAP Security and GRC Access & Process Control Consultant / Security Engineer II

SAP Security and GRC Access & Process Control Consultant / Security Engineer II

Our Deloitte Cyber team helps organizations address cybersecurity challenges while enabling business growth and resilience. As part of this team, you will support clients in navigating an evolving threat landscape through practical, scalable security solutions. In this role, you will focus on SAP security and access governance capabilities that help clients strengthen controls, manage risk, and support secure transformation.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As a Security Engineer II on the Enterprise Security team, you will be responsible for supporting SAP security and GRC access control implementations, assessments, and optimization efforts.

• Deliver SAP ECC and SAP S/4HANA security implementations and assessments across client environments.
• Design, build, test, and deploy end-user and IT support roles for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform environments.
• Configure and support SAP Governance, Risk, and Compliance Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management.
• Analyze segregation of duties risks, support ruleset updates, and perform user- and role-level risk assessments in SAP GRC 12.0.
• Develop security solutions for custom transactions, tables, programs, reporting, and analytics tools across complex, multi-country rollout programs.

A successful candidate would possess these skills:

• Ability to work independently and collaborate as part of a team
• Effective written and verbal communication skills
• Meticulous attention to detail and quality of work product
• Ability to build and sustain professional relationships
• Ability to lead projects or workstreams
• Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
• Strong interpersonal skills and professional demeanor
• Ability to meet deadlines
• Ability to provide clear guidance to others

The team

Our Enterprise Security Offering helps embed security across digital transformation initiatives by securing the technical backbone of the organization while enabling business change. The team supports capabilities across security architecture, secure development and deployment, cyber cloud, application security, and security for emerging technologies and connected products.

Qualifications

Required:

• Bachelor's degree
• 3 years of experience with SAP S/4HANA Security and SAP Governance, Risk, and Compliance Access Control
• 3 years of experience implementing security for SAP S/4HANA, SAP Fiori, and SAP Business Technology Platform, including requirements gathering, security design, and deployment
• Experience delivering at least 2 full-cycle SAP S/4HANA security implementations
• 2 years of experience configuring and implementing SAP Governance, Risk, and Compliance Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management
• 2 years of experience building and updating segregation of duties rulesets and performing user- and role-level risk analysis in SAP Governance, Risk, and Compliance 12.0
• Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
• Limited immigration sponsorship may be available.

Preferred:

• Experience in consulting or Big 4 environments
• Professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, or Certified Information Systems Auditor
• Experience with SAP Identity and Access Governance
• Experience with cloud security and cloud migration projects
• Experience executing vulnerability management tools such as Onapsis
• Experience preparing written deliverables and presenting information to stakeholders

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $82,600 to $162,800.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.