InfoSpeed Services, Inc.
Website:
infospeedinc.com
Job details:
SAP GRC with Security Consultant –
Job Title- SAP GRC & Security Consultant
Experience Required 7–10 Years
Location- Remote
Job Summary
We are seeking an experienced SAP GRC & Security Consultant with strong expertise in SAP S/4HANA security, SAP GRC Access Control, and compliance frameworks. The ideal candidate will be responsible for designing and maintaining secure SAP authorization concepts, managing SoD risks, supporting audits, and ensuring compliance with SOX, GxP, FDA 21 CFR Part 11, and Annex 11 standards. Pharma industry experience is highly preferred.
Key Responsibilities
- Design, develop, and maintain SAP roles, profiles, and authorization objects aligned with business and compliance requirements.
- Implement and administer SAP GRC Access Control modules including:
- Access Request Management (ARM)
- Access Risk Analysis (ARA)
- Emergency Access Management (EAM)
- Business Role Management (BRM)
- Monitor, analyze, and remediate Segregation of Duties (SoD) conflicts and establish preventive controls and reporting dashboards.
- Perform user provisioning, role assignments, and periodic access reviews for SAP S/4HANA, SAP Fiori, and integrated non-SAP applications.
- Ensure adherence to least-privilege access principles and enterprise security standards.
- Support internal and external audit activities by providing documentation, evidence, remediation tracking, and compliance reporting.
- Collaborate with Internal Audit, QA, Compliance, and Infrastructure teams on risk assessments and remediation planning.
- Align SAP security controls with enterprise security frameworks such as NIST CSF and ISO 27001.
- Ensure compliance with FDA 21 CFR Part 11 and Annex 11 requirements related to electronic records and signatures.
- Participate in SAP change management, upgrades, and transformation projects while ensuring role integrity and access consistency.
- Develop and maintain SOPs, access matrices, security documentation, and GRC dashboards for leadership reporting.
- Drive continuous improvement initiatives through automation and SAP security best practices.
Required Skills & Qualifications
- 7–10 years of hands-on experience in SAP Security and SAP GRC Access Control administration.
- Strong expertise in SAP S/4HANA Security and Authorization concepts.
- Experience with SAP Fiori authorization design and troubleshooting.
- Hands-on experience with SAP GRC modules: ARM, ARA, EAM, and BRM.
- Strong understanding of SoD analysis and risk remediation processes.
- Experience supporting SOX, GxP, FDA 21 CFR Part 11, and Annex 11 compliance requirements.
- Knowledge of security frameworks such as NIST CSF and ISO 27001.
- Experience integrating SAP security with non-SAP applications.
- Strong analytical, troubleshooting, and stakeholder management skills.
- Excellent communication and documentation abilities.
Email- rajad@infospeedinc.com
Click on Apply to know more.