SAP Security/GRC Consultant

This is a fully remote position, open to applicants in Spain.

📋 Description

• Oversee SAP Security and GRC assessment, design, and implementation projects for clients spanning various industries.

• Facilitate client workshops and gather requirements to comprehend business and security needs.

• Design and configure SAP security roles, authorizations, and GRC Access Control components (including Access Risk Analysis, Emergency Access Management, and Access Request Management).

• Establish and enforce Segregation of Duties (SoD) policies to reduce risks and ensure compliance.

• Provide SAP Security and GRC gap analysis, risk assessments, and remediation strategies.

• Assist clients during audits by preparing documentation, reports, and coordinating access reviews.

• Offer strategic guidance on SAP security best practices, compliance frameworks (such as SOX, GDPR, HIPAA, etc.), and process enhancements.

• Work collaboratively with cross-functional teams, including Basis, functional consultants, and IT auditors, to create secure SAP environments.

• Conduct training sessions for end-users and knowledge transfer workshops.

• Remain informed about SAP security trends, new releases, and regulatory changes to provide proactive consulting services.

⛳️ Requirements

• Minimum of 5 years of consulting experience required.

• At least 3 years of SAP Security and GRC consulting experience with several end-to-end implementations.

• Practical experience with SAP ECC and/or S/4HANA Security.

• Significant expertise in configuring SAP GRC Access Control modules (including Access Risk Analysis, Emergency Access Management, and Access Request Management).

• Strong client-facing and communication skills, capable of explaining technical concepts to non-technical audiences.

• Proven ability to manage multiple client engagements and deliver high-quality results within deadlines.

• Functional / Content Skills

• Comprehensive understanding of Sarbanes-Oxley (SOX), Business Process controls, IT General Controls, and IT governance.

• Profound knowledge and practical experience in the Analysis and Design/Re-Design of Business processes and IT General controls in both SAP and Non-SAP environments.

• Strong analytical abilities and a solid grasp of the broader context of underlying business processes and technologies.

• Familiarity with the procedures and methodologies of internal/external audits.

• Capability to support audits by providing accurate information and data, as well as addressing and resolving identified deficiencies and gaps.

• Technical Skills (Data, Technology, Implementation)

• Proficient in retrieving, analyzing, and reporting/presenting data from diverse sources.

• Understanding of data structures, sources, flows, and integration across various infrastructure platforms, functional domains, and application landscapes/services.

• Current knowledge of concepts and integration of Cloud Services, as well as multi-cloud environments.

• Tool Skill Requirements

• Experience with various ERP systems (both SAP and Non-SAP), operating systems, databases, and financial applications.

• Familiarity with Identity and Access Management solutions and monitoring tools such as Splunk, Qualys, Tripwire, as well as Authorization & SoD.

• Skills in analytics and reporting in the area of ITGC/GRC.

• Proficiency with IT Service Management Tools, including market leaders like SNOW, BMC, JIRA, etc.

• Experience with SAP Identity Management (IdM).

• Knowledge of cloud-based SAP security and hybrid environments.

• Experience working in Agile/Scrum settings.

• Experience with global delivery and collaboration with offshore resources.

• Willingness to travel for project-related purposes.

• Qualifications and certifications

• Bachelor’s degree in Computer Science, Information Technology, or a related field.

• Over 7 years of experience in Financial/IT compliance, risk management, IT audit, and/or IT controls; strong background in an audit firm (e.g., Big Four).

• SAP Security or GRC certifications are advantageous (e.g., SAP Certified Technology Associate – SAP Access Control).

• *We encourage you to apply even if you do not meet all the listed requirements, as we seek team members eager to make an impact and willing to learn. If you believe you possess the necessary skills and experience, please ****apply now. **

***Please submit your CV in English; we cannot process applications otherwise.***

🏝️ Benefits

• **About Infosys Consulting**

• Join a globally recognized management consulting firm at the forefront of industry disruption and technological advancement. We partner with leading brands across various sectors. Our culture fosters inclusivity and entrepreneurship. As a mid-sized consultancy within Infosys, we have the global reach to support our clients throughout their transformation journeys.

• Our core values, IC-LIFE, represent a shared code guiding our progress. IC-LIFE stands for Inclusion, **Equity** and Diversity, Client, Leadership, Integrity, Fairness, and Excellence. To learn more about Infosys Consulting and our values, please visit our careers page.

• In Europe, we are acknowledged as one of the top firms in the UK by the Financial Times and Forbes due to our client innovations, cultural diversity, and commitment to training and career development. Infosys ranks among Germany’s top employers for 2023. Management Consulting Magazine includes us in their list of Best Firms to Work for. Additionally, Infosys has been recognized by the Top Employers Institute for five consecutive years for its outstanding employee conditions across Europe.

• We provide industry-leading compensation and benefits, along with premier training and development opportunities for your career growth and personal achievement. Interested in learning more? We’d love to hear from you.... **Apply today!**