SAP GRC / Security Lead & Architect
Job Description
We are looking to hire an SAP GRC / Security Lead & Architect (Senior Analyst) for our client, one of the largest companies in the region, based in the UAE. The role is responsible for designing, implementing, and governing security and compliance across SAP systems, with a particular focus on S/4HANA transformation initiatives.
This position is a contract role with an initial duration of 18 months.
The role supports the overall SAP program and is critical to ensuring systems meet enterprise-level security, regulatory compliance, and risk management standards.
We are looking for a passionate SAP Security and GRC expert with a strong background in SAP authorizations, GRC Access Control, and role design. You should also have experience in managing access controls, segregation of duties (SoD), audit readiness, and compliance with standards like SOX and GDPR.
Key responsibilities:
- Provide input, review, and sign-off on SAP security design.
- Participate in workshops and support definition of security-related requirements.
- Manage user provisioning, access reviews, and identity integration (e.g., IDM, Azure AD).
- Lead SAP Fiori security setup including catalogs, groups, and OData authorizations.
- Lead deployment and configuration of SAP GRC modules: Access Control, Process Control, Risk Management.
- Design and manage SoD rulesets and mitigation plans.
- Review Firefighter ID governance and risk analysis workflows.
- Drive integrated testing, resolve security defects, and ensure cutover readiness.
- Coordinate with audit, internal controls, and project teams to align technical solutions with compliance needs.
- Maintain security documentation such as test scripts, risk logs, and audit trails.
Knowledge, skills & experience:
- Bachelor's or Master's degree in Computer Science, Information Security, or related field.
- 8+ years of SAP Security experience, including 3+ years in SAP S/4HANA programs.
- Hands-on experience with SAP GRC Access Control (ARA, BRM, EAM, ARM), Fiori security, and S/4HANA role design.
- Knowledge of IT general controls, audit processes, and risk frameworks.
- Familiarity with regulatory requirements: SOX, GDPR, ISO 27001.
- Strong skills in SAP authorizations, IAM, documentation, and audit-readiness.
Availability:
- Preference will be given to candidates available immediately or within a maximum of 30 days after accepting the offer.
We are looking for a candidate who will be able to work in the United Arab Emirates. Please apply with your resume and remember to provide us with your contact details.
We will review your job application within 7 working days. Should your profile fit the requirements of the role, a consultant from Edari will be in touch with you to get a deeper understanding of your profile, to discuss the role in more detail and potential next steps.