SAP Application Security Lead

The work

The SAP Application Security Lead is responsible for the SAP Application Security and Identity Access Management (IAM) capability for the S/4HANA program. They will be responsible for the strategic design, implementation, and governance of the security framework, ensuring that all user management functions align with the "Least Privilege" principle and federal compliance standards. Directs the configuration of SAP GRC (Governance, Risk, and Compliance) to automate User Management (UM) and Segregation of Duties (SoD) analysis. This role will lead the security workstream through design, build, and audit cycles to protect mission-critical data. The SAP Security Lead is responsible for leading complex security analysis, role architecture, and risk mitigation.

Key responsibilities:

• Lead and govern User Access Management (UAM), overseeing the end-to-end design, implementation, and maintenance of S/4HANA security roles, including Fiori-specific authorizations
• Architect GRC Security Components, leading the analysis, design, and testing of SAP GRC Access Control (ARA, ARM, EAM, CUP) to ensure automated and compliant user provisioning
• Oversee SoD Risk Assessments, establishing protocols for the identification and remediation of Segregation of Duties and Critical Action risks across all functional workstreams
• Direct User Provisioning and Role Design, ensuring all development and testing activities adhere to established Security Management controls and federal audit requirements
• Manage User Access Reviews (UAR), implementing periodic certification processes to validate user entitlements and ensure continued business necessity
• Support UM Audit Requests, serving as the primary lead for internal and external audit inquiries related to user access, providing evidence and remediating findings
• Monitor and report on security posture, providing visibility into SoD violations, high-risk access, and the overall health of the security environment
• Collaborate with Functional Leads, ensuring that security designs for B2R, P2P, and O2C modules are integrated seamlessly without hindering business productivity
• Manage and mentor a team, including the training and development of junior security specialists in SAP HANA security, Fiori App-based access, and GRC troubleshooting
• Ensure adherence to Accenture delivery methodology to manage the security lifecycle from initial discovery through deployment and go-live support

Here’s what you need:

• 5+ years of experience in SAP Security Management, demonstrating a deep understanding of S/4HANA Security, SAP GRC (12.0+), and Fiori Catalog/Group design
• Knowledge of SoD Frameworks, including experience with the Global Rule Set and implementing mitigating controls in a complex environment
• Proficiency in project planning and resource management, including the ability to manage team utilization, project timelines, and security-specific risk logs

Nice to have:

• Experience in mentoring junior team members to enhance their technical configuration skills and understanding of federal compliance (NIST/FISMA)
• Experience with Identity and Access Management (IAM) integration with federal single sign-on (SSO) or PIV/CAC card authentication
• Bachelor's degree in a related field

Eligibility requirements:

• US Citizen (no dual citizenship)
• Must be eligible to obtain a government Secret Clearance
• Willingness to travel up to 25%