Architect - SAP Security Lead

This role is responsible for coordinate resources, solve technical requirements, evaluate risks and scope of SAP improvements, upgrades, and implementations for Global and PGCS solution. This role is also responsible for assessing functional requirements, guide the group as per Application Security guidelines and Compliance standard methodologies, and ensure transparent security design. Provides subject matter expertise (SME) in solutioning and implementing SAP access management requirements.. Additionally, this role's objective is to successfully deliver security upfront across all PGCS deployments while ensuring consistency in approach and providing visibility through communication and alignment with key stakeholders.

• Expert knowledge of SAP Security and Authorizations - User & Role management
• Proven knowledge of Control and Compliance requirements and regulatory frameworks - audit cycles, Segregation of Duty and Risk Remediation
• Ability to collaborate with SAP Functional and SAP Technical teams to design and implement technical SAP security solutions
• Experience managing relationships with third-party vendors
• Knowledge of key business processes and the underpinning approval functionality
• Knowledge of SAP modules - FI, CO, IM, FSCM, PP, MM, SD, SRM,
• Experience of implementing SAP solutions and enhancing SAP systems
• Excellent communication skills at all levels of the organisation, including experience of communicating technical information to a non-technical audience
• Proficient in Analysis Authorizations (RSECADMIN), restricting Characteristic/Attribute values, and managing Authorization-Relevant InfoObjects.
• Extensive experience with PFCG (Single, Composite, Derived roles), SU24 maintenance, and Organizational Level values.
• Securing InfoAreas, InfoCubes, InfoObjects, PSA, and Queries.
• Deliver successful SAP Security and Authorizations support including changes, incident fixes, SAP environment patches, and periodic SAP environment refreshes across all functional areas and environments
• Analyze SAP Governance, Risk and Compliance across all business areas, with emphasis on Access Control
• Serve as a leader for implementing SAP security solutions across various projects
• Serve as SAP Security SME
• Primarily manage and lead the technical relationships with the assigned SAP AMS support service provider
• Manage SOD remediation activities and support the organization to work through the remediation requirement
• Resolve business issues within defined SLAs
• Improving the current SAP functionality and business process including a review of the potential benefit statement in incorporating GRC into the SAP security design
• Experience working with internal and external audit
• Experience with SAP Fiori, SAP HANA, and SAP Cloud Security
• Fiori roles, UI5 App Catalogs/groups and Bes roles with OData services.
• Communicate with governance team to implement local and global best practices.
• Actively participate in the Continuous Process Improvement initiatives by striving to look for possible efficiencies, scalability and / or cost reduction opportunities

HANA DB Security.

• HANA Security:HANA Studio, HANA Cockpit, System Privileges, Object Privileges, Package Privileges, Analytical Privileges (SQL/Attribute).
• User/Role Management:Creating User/Role, Technical Users, System Admin, User Management, Password Policies, Role Design (Runtime vs. Design time roles).
• Security Configuration:SAML/SSO configuration, Audit Policies, Data Masking, Encryption (Data at rest/in transit).
• Troubleshooting:HANA Trace Analysis,AUTHORIZATION CHECKtroubleshooting, SQL queries for security auditing.
• Integration:SAP Fiori Security, BW on HANA (RSECADMIN), GRC 10.x/12 Access Control.

• Minimum 11 years in SAP Security including S4/HANA, FIORI, MDG, BW, PO(Process Orchestration) and CRM with a deep expertise
• 10+ years of experience in developing solutions for securing custom transactions, tables, and programs
• 3+ years of experience in designing, building, testing, and deploying business and support roles with S/4 and Fiori roles.
• 3+ year of experience in large and complex projects with multiple rollouts for countries / regions
• 2+ year of experience in designing, building and deploying HANA database security