Hansell Tierney
Join to apply for the
Security Engineer (SAP GRC)
role at
Hansell Tierney .
Our client is seeking a highly skilled and motivated
SAP GRC Engineer
to support legal, ethical, and regulatory obligations while maintaining a secure technology environment. This role involves developing and executing security controls, implementing countermeasures to prevent internal and external attacks, and ensuring SAP GRC IT control objectives are in compliance and running at full efficiency.
Hiring Arrangement Direct Hire
Location Greater Seattle Area (3 days/week onsite)
Compensation $150,000 - $190,000 base salary plus RSU & Bonus. All experience levels considered.
Benefits Our client offers a very competitive benefits package, including paid time off, comprehensive medical coverage (medical, dental, vision, pharmacy, behavioral health, hearing aid), and access to employee assistance resources. Additional offerings include a Health Care Reimbursement Account, Dependent Care Assistance Plan, short- and long-term disability coverage, life and AD&D insurance, a 401(k) retirement savings plan, and participation in an employee stock purchase program for eligible team members.
Responsibilities
Serve as the technical expert for SAP GRC—designing, configuring, and maintaining solutions in modules such as Access Control (ARA, ARM, EAM, UAR), Process Control (PC), and SAP Enterprise Threat Detection (ETD)
Design and build GRC components that meet evolving business and compliance requirements
Administer and enforce GRC policies to govern both virtual and physical access to critical systems
Develop remediation plans to resolve GRC and security issues, ensuring adherence to internal and regulatory compliance standards
Support the development and execution of General IT Controls (GITC) across SAP environments to meet audit objectives
Evaluate and define business role requirements and support role-based access within a multi-landscape SAP environment
Validate system configuration and security design to protect enterprise assets from unauthorized access
Apply security best practices related to access governance, system hardening, risk mitigation, and policy enforcement
Identify control gaps and implement prioritized security enhancements to reduce exposure to risk
Configure dashboards, alerting mechanisms, and security tooling to monitor system activity
Document processes and incident response steps in security and GRC playbook
Act as the primary liaison with internal and external auditors to address security and compliance inquiries
Partner with Internal Audit to design, test, and refine IT controls and risk mitigation solutions
Drive quarterly User Access Review (UAR) audit cycles to completion
Provide ongoing support for security operations, incident handling, and emergency access processes (EAM)
Experience & Qualifications
12+ years of professional experience working with SAP GRC Access Control 10.0/12.0, including ARM, ARA, EAM, UAR, PC, and ETD
Direct, hands‑on SAP GRC development experience required
7+ years of SAP Security experience spanning environments such as S/4HANA, ECC, BW, MDG, Fiori, PI/PO, eWM, and Solution Manager
7+ years working with Segregation of Duties (SoD) analysis and remediation
Strong foundation in SOX compliance, IT controls, risk management, and IT auditing practice
Proven experience developing SAP GRC strategies to meet Sarbanes‑Oxley requirements
Familiarity with SAP cloud security principles and architecture
Ability to design and manage SAP user provisioning and enterprise security framework
Excellent analytical, troubleshooting, and problem‑solving abilities
Strong written and verbal communication skills with the ability to lead cross‑functional initiatives
Flexibility to participate in a 24/7 rotational on‑call schedule
Bachelor’s degree in Information Technology, Computer Science, Business, or Accounting preferred
About Hansell Tierney Hansell Tierney is one of the premier staffing and recruiting companies in the Pacific Northwest. Launched in 2001, we are a woman‑owned business that serves and staffs Northwest organizations by doing things the right way, not just the easiest way. Hansell Tierney partners with candidates and clients to match the best candidates with interesting local opportunities. We navigate every relationship with the highest level of discretion and service while holding ourselves accountable to our promises. Our business thrives on our deep understanding of the job market and our ability to skillfully tailor our recruitment process to meet our clients' unique needs.
Seniority Level Mid‑Senior level
Employment Type Full‑time
Job Function Information Technology
Industries Retail
#J-18808-Ljbffr
Security Engineer (SAP GRC)
role at
Hansell Tierney .
Our client is seeking a highly skilled and motivated
SAP GRC Engineer
to support legal, ethical, and regulatory obligations while maintaining a secure technology environment. This role involves developing and executing security controls, implementing countermeasures to prevent internal and external attacks, and ensuring SAP GRC IT control objectives are in compliance and running at full efficiency.
Hiring Arrangement Direct Hire
Location Greater Seattle Area (3 days/week onsite)
Compensation $150,000 - $190,000 base salary plus RSU & Bonus. All experience levels considered.
Benefits Our client offers a very competitive benefits package, including paid time off, comprehensive medical coverage (medical, dental, vision, pharmacy, behavioral health, hearing aid), and access to employee assistance resources. Additional offerings include a Health Care Reimbursement Account, Dependent Care Assistance Plan, short- and long-term disability coverage, life and AD&D insurance, a 401(k) retirement savings plan, and participation in an employee stock purchase program for eligible team members.
Responsibilities
Serve as the technical expert for SAP GRC—designing, configuring, and maintaining solutions in modules such as Access Control (ARA, ARM, EAM, UAR), Process Control (PC), and SAP Enterprise Threat Detection (ETD)
Design and build GRC components that meet evolving business and compliance requirements
Administer and enforce GRC policies to govern both virtual and physical access to critical systems
Develop remediation plans to resolve GRC and security issues, ensuring adherence to internal and regulatory compliance standards
Support the development and execution of General IT Controls (GITC) across SAP environments to meet audit objectives
Evaluate and define business role requirements and support role-based access within a multi-landscape SAP environment
Validate system configuration and security design to protect enterprise assets from unauthorized access
Apply security best practices related to access governance, system hardening, risk mitigation, and policy enforcement
Identify control gaps and implement prioritized security enhancements to reduce exposure to risk
Configure dashboards, alerting mechanisms, and security tooling to monitor system activity
Document processes and incident response steps in security and GRC playbook
Act as the primary liaison with internal and external auditors to address security and compliance inquiries
Partner with Internal Audit to design, test, and refine IT controls and risk mitigation solutions
Drive quarterly User Access Review (UAR) audit cycles to completion
Provide ongoing support for security operations, incident handling, and emergency access processes (EAM)
Experience & Qualifications
12+ years of professional experience working with SAP GRC Access Control 10.0/12.0, including ARM, ARA, EAM, UAR, PC, and ETD
Direct, hands‑on SAP GRC development experience required
7+ years of SAP Security experience spanning environments such as S/4HANA, ECC, BW, MDG, Fiori, PI/PO, eWM, and Solution Manager
7+ years working with Segregation of Duties (SoD) analysis and remediation
Strong foundation in SOX compliance, IT controls, risk management, and IT auditing practice
Proven experience developing SAP GRC strategies to meet Sarbanes‑Oxley requirements
Familiarity with SAP cloud security principles and architecture
Ability to design and manage SAP user provisioning and enterprise security framework
Excellent analytical, troubleshooting, and problem‑solving abilities
Strong written and verbal communication skills with the ability to lead cross‑functional initiatives
Flexibility to participate in a 24/7 rotational on‑call schedule
Bachelor’s degree in Information Technology, Computer Science, Business, or Accounting preferred
About Hansell Tierney Hansell Tierney is one of the premier staffing and recruiting companies in the Pacific Northwest. Launched in 2001, we are a woman‑owned business that serves and staffs Northwest organizations by doing things the right way, not just the easiest way. Hansell Tierney partners with candidates and clients to match the best candidates with interesting local opportunities. We navigate every relationship with the highest level of discretion and service while holding ourselves accountable to our promises. Our business thrives on our deep understanding of the job market and our ability to skillfully tailor our recruitment process to meet our clients' unique needs.
Seniority Level Mid‑Senior level
Employment Type Full‑time
Job Function Information Technology
Industries Retail
#J-18808-Ljbffr