Sr. SAP GRC Security Consultant-Remote with 20 % Travel

Sr. SAP GRC Security Consultant

Position Overview
The SAP Security Engineer will design and implement a secure SAP authorization model aligned with DOE cybersecurity requirements. The role requires on-site engagement for security reviews, compliance validation, and audit readiness, with remote support for role configuration and documentation.

Work Location & Travel

• Hybrid role
• Travel required for security assessments, audit support, and system validation phases
• Remote work for role design, documentation, and access monitoring

Key Responsibilities

• Design SAP role-based security architecture
• Configure authorization objects and roles for MRP users
• Implement segregation of duties controls
• Integrate SAP with identity management systems (AD, SSO, MFA)
• Conduct access risk assessments and remediation
• Support audit documentation and compliance reporting
• Monitor authorization issues and enforce least-privilege principles
• Ensure alignment with NIST, FISMA, and DOE cybersecurity standards

Required Qualifications

• 5+ years SAP security administration experience
• Strong expertise in SAP authorization objects and role design
• Experience in regulated or federal environments
• Knowledge of compliance frameworks (NIST, FISMA)
• Ability to travel for on-site compliance and audit support

Preferred Qualifications

• SAP GRC Access Control experience
• DOE security compliance experience

=9 Engagement Characteristics

• Hybrid delivery model balancing on-site collaboration and remote execution
• Travel concentrated during discovery, testing, and knowledge transfer phases
• Secure, compliance-driven environment
• Opportunity to contribute to a high-visibility pilot with enterprise expansion potential