SAP Fiori, HANA Security, Full-Cycle GRC (Governance, Risk, and Compliance) Implementation, Role and Authorization Management
Description
GSPANN is hiring an SAP Security and GRC Consultant to design and implement secure SAP landscapes across ECC, S/4HANA, BW, CRM, SRM, and Fiori. The role involves managing roles, authorizations, and user access while ensuring compliance through GRC Access Control.
Location: Gurugram / Hyderabad
Role Type: Contractor
Published On: 29 October 2025
Experience: 8+ Years
Share this job
Description
GSPANN is hiring an SAP Security and GRC Consultant to design and implement secure SAP landscapes across ECC, S/4HANA, BW, CRM, SRM, and Fiori. The role involves managing roles, authorizations, and user access while ensuring compliance through GRC Access Control.
Role and Responsibilities
- Gather business and functional requirements to design and implement SAP Security architecture across modules, including SAP ECC, S/4HANA, Business Warehouse (BW), Customer Relationship Management (CRM), Supplier Relationship Management (SRM), and Fiori.
- Design, build, and maintain Role-Based Access Control (RBAC) models, including single, derived, and composite roles.
- Manage user administration tasks such as user creation, role assignment, modification, and de-provisioning across multiple SAP systems.
- Perform role testing and validation during realization, integration, and User Acceptance Testing (UAT) phases of implementation.
- Collaborate with SAP Basis and functional teams to manage role transports between development, quality assurance, and production environments (DEV QAS PRD).
- Support internal and external audits by generating access reports and addressing compliance observations.
- Implement and maintain Fiori and SAP HANA Security, including catalog and group design as well as analytic and object privileges.
- Develop and apply authorization concepts that align with organizational security and governance policies.
Skills And Experience
- Strong understanding of SAP authorization concepts, roles, and profiles.
- Expertise in designing and building single, composite, and derived roles across SAP modules (ECC, S/4HANA, BW, CRM, SRM, Fiori).
- Hands-on experience in SAP Governance, Risk, and Compliance (GRC) Access Control 10.x / 12.x implementation and support.
- Proven ability to set up and manage connectors between GRC and multiple SAP systems.
- Experience managing rule sets and mitigation controls aligned with business and audit requirements.
- Proficiency in generating and analyzing risk, firefighter, and access review reports.
- Strong communication and presentation skills for engaging with leadership teams.
- Demonstrated decision-making and problem-solving abilities in complex security environments.
