IT SAP Security Engineer - J0048787

Overview The SAP Security Analyst – Role Design & SailPoint will be responsible for the day-to-day management of SAP user access, security role design, and governance processes across the AM region. This includes provisioning SAP accounts, collaborating with functional teams on secure access design, and supporting identity lifecycle management using SailPoint. The analyst will ensure the integrity and compliance of SAP S/4HANA access while providing support for audits, access reviews, and segregation of duties (SoD) monitoring.

Job Summary This position plays a vital role in maintaining secure and compliant SAP environments by designing, administering, and reviewing access controls. The ideal candidate will have a deep understanding of SAP security concepts (roles, authorizations, profiles) and hands-on experience with role provisioning, GRC tools, and identity governance platforms such as SailPoint. The analyst will also support global and regional initiatives, participate in SAP rollout projects, and contribute to continuous improvement in SAP security processes.

Job Responsibilities

Design and maintain SAP security roles (single, composite, derived) for SAP S/4HANA and related systems.

Support new project rollouts, security role mapping, and SoD (Segregation of Duties) compliance.

Collaborate with functional leads to define access requirements and translate them into secure role concepts.

Partner with the Identity & Access Management (IAM) team to support SailPoint provisioning workflows.

Manage day-to-day user provisioning and de-provisioning for all AM Region SAP accounts, ensuring timely and accurate access.

Conduct periodic access reviews, audit support, and remediation of identified risks.

Provide technical guidance for GRC ruleset maintenance and SoD analysis.

Develop documentation for security design, user provisioning processes, and governance procedures.

Perform user and role analysis to identify redundant, obsolete, or excessive access.

Investigate and resolve access issues, violations, or user provisioning errors.

Stay updated on SAP security trends, tools, and regulatory changes impacting access control.

Provide support during go-live cutovers and critical production support windows.

Qualifications Knowledge, Skills, and Abilities

Strong understanding of SAP authorization concepts and role-based access control.

Ability to manage high-volume provisioning and support multiple SAP environments.

Experience supporting manufacturing or regulated industries preferred.

Strong communication skills for collaboration with business users and audit teams.

Familiarity with IT general controls, SOX compliance, and access certification processes.

Ability to prioritize and manage multiple tasks in a fast-paced environment.

Experience working in international or global teams is a plus.

Technical Skills

Hands-on experience in SAP Security for S/4HANA, Fiori, and ECC systems.

Proficiency in SAP authorization objects, PFCG role maintenance, SUIM, ST01, SU53, and SU24.

Experience with SAP GRC Access Control (ARA, BRM, ARM).

Experience with SailPoint IdentityNow or other Identity Governance tools.

Familiarity with ticketing systems like ServiceNow or SAP Solution Manager.

Understanding of SAP modules such as MM, SD, PP, and FICO from a security perspective.

Education Bachelor’s degree in business, Engineering, Computer Science, Information Systems, or related field.

Experience

Minimum 5 years of experience in SAP Security administration.

At least 2 years of experience with S/4HANA security and/or Fiori applications.

Experience with SailPoint Identity Governance tools highly preferred.

Experience supporting SAP implementations and working on project teams.

Audit and compliance support experience is a plus.

Working Conditions

Open to travel up to 30%, including extended stays for project implementation.

Ability to work in a professional setting, adhering to company and regulatory safety requirements.

Work in a safe and professional manner while adhering to all regulatory requirements (OSHA, EPA, State, and Federal regulations, etc.).

Comprehend and adhere to management directions and/or safety instructions with no restrictions.

Effectively communicate in Business English language.

Location Close to at least one of the US plants is highly desirable.

#J-18808-Ljbffr