SAP GRC/Security Consultant

Turnkey Consulting is a leading advisory and implementation organization specializing in risk management, governance, compliance, and security, with a focus on SAP solutions and expanding into broader cybersecurity services.

Location: United States (Considering candidates in any US location)

Responsibilities

• Task management of large / complex implementations, especially in Application security or enterprise risk/identity projects
• Implementation of GRC technology and supporting modules
• Work with clients to understand "why" they're in need of such solutions, define requirements and configure solutions to best fit those needs
• Perform controls and configuration reviews involving relevant application systems and processes
• Advise clients on controls in their enterprise systems relating to regulatory or legislative compliance
• Review and advise on security redesign and remediation projects
• Provide a broader range of information risk management solutions to clients as required
• Build relationships with new clients and maintain good relations with our existing client base
• Integrate solutions into wider cybersecurity controls estates

Requirements

• Detailed understanding of the SAP authorization concept in ECC, SAP S/4 HANA, HCM, CRM, SRM, BW, BI, BPC, SAP HANA
• Experience of designing, building and implementing SAP security and authorization solutions
• Exposure to various system user interfaces (UI), including SAP but also other relevant SaaS products
• Detailed understanding of SAP GRC suite of applications, with a demonstrable specialism in core modules contained within (ideally v12 onward)
• Experience of IDM solutions, either SAP’s IDM solution, or non-SAP, such as SailPoint or Saviynt would be of advantage
• Experience of third-party solutions to secure SAP estates also an advantage
• Experience of SAP Fiori catalogs, groups, pages and spaces
• Experience of SAP IAG solutions would be an advantage, both IAS and IPS
• The ability to troubleshoot and diagnose problems / issues and provide prompt, robust resolution
• An enquiring mind to discover "why" clients need to introduce the controlling measures.
• The ability to manage projects within varied client engagements and lead reviews and implementations
• Knowledge of corporate business processes and their control points
• Good understanding of various IT regulations and standards, including: Sarbanes Oxley, COBIT, ISO series & GDPR
• Bachelor’s degree
• Professional certification (e.g. CISA, M.Inst.ISP, CISSP, ISO)
• SAP certification (Security, GRC)
• Consulting background
• Strong written and verbal communication skills
• Integration experience
• Ability to act as an SME to install, design, engineer and configure security solutions to meet client needs
• Ability to effectively manage own time and priorities effectively and to work both as part of a team and individually
• Able to communicate technical and functional requirements to both the business and IT